urlscan.io logo urlscan.io
SecurityTrails logo

malwaretips.com Open in urlscan Pro
104.26.9.188  Public Scan

Go To Rescan Add Verdict Report
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Submission: On September 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 9 countries across 24 domains to perform 143 HTTP transactions. The main IP is 104.26.9.188, located in and belongs to CLOUDFLARENET, US. The main domain is malwaretips.com. The Cisco Umbrella rank of the primary domain is 568255.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2022. Valid for: a year.
This is the only time malwaretips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.26.9.188 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
19 2606:4700:20:... 13335 (CLOUDFLAR...)
5 14 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.66 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
3 19 142.250.186.130 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
2 178.250.7.11 44788 (ASN-CRITE...)
3 3 37.157.5.132 198622 (ADFORM)
2 2 51.89.9.251 16276 (OVH)
1 1 151.101.130.49 54113 (FASTLY)
1 3.33.220.150 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 3.124.69.248 16509 (AMAZON-02)
2 2 3.126.78.53 16509 (AMAZON-02)
1 2 23.32.185.35 16625 (AKAMAI-AS)
1 1 85.114.159.118 ()
143 23
3    104.26.9.188 (None, )

ASN13335 (CLOUDFLARENET, US)
malwaretips.com
19    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2606:4700:20::ac43:45fa (United States)

ASN13335 (CLOUDFLARENET, US)
malwaretips.com
14    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
28    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
19    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    3.124.69.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.126.78.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-78-53.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
591 KB
33 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
201 KB
22 malwaretips.com
malwaretips.com — Cisco Umbrella Rank: 568255
379 KB
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
249 KB
11 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
www.googleadservices.com — Cisco Umbrella Rank: 178
607 B
6 google.com
www.google.com — Cisco Umbrella Rank: 11
577 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
284 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
r.turn.com — Cisco Umbrella Rank: 6191
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2022
453 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1562
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
291 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 51511
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
677 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
725 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
796 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 KB
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 3157
6 KB
1 adition.com
dsp.adfarm1.adition.com
588 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2803
173 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
265 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
546 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
104 B
143 24
Domain Requested by
28 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
22 malwaretips.com malwaretips.com
19 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
malwaretips.com
19 pagead2.googlesyndication.com malwaretips.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 googleads.g.doubleclick.net 5 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 www.googleadservices.com malwaretips.com
8 fonts.gstatic.com fonts.googleapis.com
googleads.g.doubleclick.net
6 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
5 www.gstatic.com googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
3 c1.adform.net 3 redirects
2 sync.teads.tv 1 redirects
2 pm.w55c.net 2 redirects
2 x.bidswitch.net googleads.g.doubleclick.net
2 gcm.ctnsnet.com 2 redirects
2 onetag-sys.com 2 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 um.simpli.fi 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 r.turn.com malwaretips.com
googleads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
2 secure.gravatar.com malwaretips.com
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
143 29

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-22 -
2023-10-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Frame ID: 62118AD4C1DE384170BDE6004A49A5CE
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: 4BC511BD53BF6A394A2A4726D8A258B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&adk=1812271804&adf=3025194257&lmt=1695053253&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452645&bpp=69&bdt=271&idt=333&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2938582872082&frm=20&pv=2&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=367
Frame ID: 043DB670BCC3E54EB80C3929941EA0BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Frame ID: D1CB1C514262A9792B50D9D341D09A0A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Frame ID: 569D5C8546FBBAF76415226A938CBDB6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Frame ID: 51B93CBB72686D61678784EA180FBC29
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4117A77A6CC8092CDAB492DE4BE6CA2F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 5379B53033362ECE3C7228D6461D6E1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CF8F48851385179A7A317A4AFD6F303E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 748211F31843D71278F3D25A727A042F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 27DDB5C4CE73DF75D55B9612C3031ECE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 088C27AE0B1510955825D47336C7A492
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Frame ID: 2E6C6170BD6F2070845E4DEDBA55C3A7
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 723109DB668F3DE3B5034AEF248C9874
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14D70F49BE8E1D87F19E58498FDDE7D3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Frame ID: ABB0E8D05F8FC1B1EEFA32F6179A1733
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AF7B438507D9605A59AB0191F0BDECA2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: B91086EA23657D7454D00E47205B1104
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E27BCD14DED4B02D726D63BA930C6EEE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 11CE60FFE6CAD7FF03B8AE3E2933F893
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Remove "You've Visited Illegal Infected Website" Fake Alerts

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

143
Requests

86 %
HTTPS

48 %
IPv6

24
Domains

29
Subdomains

23
IPs

9
Countries

1717 kB
Transfer

4301 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUXV15ZEIZbrSBoHA7AOMp4LYBZ6rzNJyjcbp_LwRZBABIJGHnTlglQKgAaXh9LcDyAEBqQLCxxk51eOxPqgDAcgDywSqBIcCT9D95bDNUoCyXTXCQ4-4IuJtlIZKahXX1QqtTlWYil3P10OnCfWzDtk5wScS46e1lh7evHurE8P96ZBIlOJ4TbHL4s7EZQkAbv_cjZUTqpzy_IWYYEDgKtKOHtnh35e8PIPJbrqBED7xSyrVEegJy9iWM7T5VyOAbsQa-wbm3hNETzWdIsdZE16YKCZ3WmtaUCum5moVUvsxrnusfy6LEuqRUXJJUU6_gcvXJIWL_fIklUW0NNB8xAwkS3mXFihb_t7neTeHmZISNjG-i1o44nARNPIJdqJ1eElezh9xE60r4xC0WzNbQkUQBLHTvoFNPp5p4UX77MnWeHtPOkmHG74fKLUUksnABM6X-oeVBIgFgZ7n70WSBQQIBBgBkgUECAUYBKAGLoAHw56LSKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOvoDtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCXdodHRwczovL3dvdy56b2xhci5kZS9zb2xhcmFubGFnZS1hbHMtaW5mbGF0aW9uc3NjaHV0ei1yZXQvP2NyZWF0aXZlPTY2NjIwNTM3NjM2NiZrZXl3b3JkPSZtYXRjaHR5cGU9Jm5ldHdvcms9ZCZkZXZpY2U9Y4AKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi03NzUwNzE5MTQ0ODUwMjU3GAA&sigh=H2JUPxP1-tM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWG2z_FYTXvE2Zj30nWr4mOyKVmGei5BgB&template_id=5021&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221339920008044109868%22,%22debug_reporting%22:true,%22destination%22:%22https://zolar.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22922562725%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22438373975390901521%22}&andc=true
Request Chain 64
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJo1wGePVVTpfCpIyTK-y2I&google_cver=1&google_push=AXcoOmSpzLaOn8gt-te5Klz006azfByfMyp1LkNj-N4K2KMSrPQqbtnwLWjxSiUWRiLjfPzIEy7c6DmS37jVCKmm9uEX70MSWOTEp-4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgwMjA5MDA5MTc4OTQ1ODEwNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
Request Chain 67
  • https://um.simpli.fi/gp_match?google_gid=CAESEIJTQEELIWNeiliiKc91x3o&google_cver=1&google_push=AXcoOmQira3omPUe3eRy4XNTy46NdC-SSCNo0Pw5Lf9ply7yNgwDzdHFwgIXYsnwUJ6FFgePU5ihVr_OvXHYDmmXmamhNXsou165q4Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmQira3omPUe3eRy4XNTy46NdC-SSCNo0Pw5Lf9ply7yNgwDzdHFwgIXYsnwUJ6FFgePU5ihVr_OvXHYDmmXmamhNXsou165q4Y
Request Chain 69
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHYGAjjekXHE3bic6bjWhj8&google_cver=1&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9QmwLfmImNSnrz4uJnmbLfLWvlmSg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHYGAjjekXHE3bic6bjWhj8&google_cver=1&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9QmwLfmImNSnrz4uJnmbLfLWvlmSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9QmwLfmImNSnrz4uJnmbLfLWvlmSg
Request Chain 70
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAVKFlgRLNn9ArrQDIg9HnM&google_cver=1&google_push=AXcoOmTc9jJFk9hpLxnaXhTTksSdcKzHyIOwTaOb6gtkE-R_u2161uFNG9FMwqPtZogVXzw8LQYKTJ8rKO1PQjM5dJ3qhHt_Jv3GFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTc9jJFk9hpLxnaXhTTksSdcKzHyIOwTaOb6gtkE-R_u2161uFNG9FMwqPtZogVXzw8LQYKTJ8rKO1PQjM5dJ3qhHt_Jv3GFQ
Request Chain 81
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1&google_push=AXcoOmTkE0qQTkE8Up6vikVh3vg05fsIYKkadvAAz2jaPaAF4PCkqN9kvJ4oQHXnnQAUqnNTzvqMryK-Xn8uYTZ0CneBG73Jsv6cIbH2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgwMjA5MDA5MTc4OTQ1ODEwNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
Request Chain 82
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEB5gq9pBkBqIF2jV3bPbP6I&google_cver=1&google_push=AXcoOmQqHwkcnCwmYYideSOqYGmBh0TRPquamG8x8Rb4lPfVrTy5g252Ng2sjbHLr7R3f0xycpGkNwoVXAqRf0Qv4vw0IhSAJxDJ4n-e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5gq9pBkBqIF2jV3bPbP6I&google_push=AXcoOmQqHwkcnCwmYYideSOqYGmBh0TRPquamG8x8Rb4lPfVrTy5g252Ng2sjbHLr7R3f0xycpGkNwoVXAqRf0Qv4vw0IhSAJxDJ4n-e
Request Chain 83
  • https://um.simpli.fi/gp_match?google_gid=CAESEA7O8qogxGx9eJrE6Ye_Rgk&google_cver=1&google_push=AXcoOmTu9EiKQtXwyi6KqYv9JVORaOgnmfPylvyYRwVwBTnyTGvaLJIcnHmDaVA9XTyuFpgLz-k4pRYBPkDqi0S5PrvqohcYTfhyBfI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmTu9EiKQtXwyi6KqYv9JVORaOgnmfPylvyYRwVwBTnyTGvaLJIcnHmDaVA9XTyuFpgLz-k4pRYBPkDqi0S5PrvqohcYTfhyBfI
Request Chain 85
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPR12f5vq6M3rksR-weWPHw&google_cver=1&google_push=AXcoOmT8ydgSSJUYpRGbZdmcz-uuGpJCx29hZ5ns2qa5jsQnmQNPcEV1iX2RbKxHiwrpXyLqvJBMvRN79nu5bDcIvMGEgqZPD7fup9y_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8ydgSSJUYpRGbZdmcz-uuGpJCx29hZ5ns2qa5jsQnmQNPcEV1iX2RbKxHiwrpXyLqvJBMvRN79nu5bDcIvMGEgqZPD7fup9y_&google_hm=uxtXlj9qTLmAbDgmYCjWifM
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0rjH5ZEIZe7jD6iViM0P5P-IoAG15JzdcfuJpaWUEPqyz7jpHBABIJGHnTlglQKgAbrb45gDyAEJqAMByAPLBKoEhQJP0OcstZybgDyfbJgvCurACxdA7RiI-U5AtnhNTVjsux0TPmglH_YN9YRYnyUZ3Atka742zL5Ify-F2Sj5yuIh2pZe4t4nVT-W-pGARoByUW-Dx9Dj36aATQxmfrhl1hWJUGKXkFHGD6tevzQb9irV04L4KsR_zIGOvYtyXCXURpzbyQ8nA75NcLDhsH5UC8ccFN29bgsmy-G-JGVCwcbtdZm_Vp1TgwmazP6mYKBl-2L13awKYTEBQFVpVDr8Rxn1UfT9DSYAzWYvNXrPD_-aE-56Mvfu-3HKiVcvzw-d0dPhUWDnAonkBicIiN3hA9OPETnO_QKcstZ7PIfP0kesOy_HDgzABPym4taFBIgFoZi24kCSBQQIBBgBkgUECAUYBKAGLoAHrqScZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELOZI9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCaABaHR0cHM6Ly93d3cuaW5mcmFnaXN0aWNzLmNvbS9wcm9kdWN0cy9pZ25pdGUtdWktYmxhem9yP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1pZ25pdGUtdWktYmxhem9yJnV0bV90ZXJtPWdlcm1hbnktZGlzcGxheS1jb21wb25lbnRzLWxtLW5ld4AKAcgLAbgT5APYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItNzc1MDcxOTE0NDg1MDI1NxgA&sigh=g15sg1LV_UU&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWxqy4QtVtlNBgHYkJAJaZxeKObUoL-TVedGuflnSu5tA_Y40BwZMXXyJ-_UApnp26Y36rSSikNBgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22628649520923035144%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22857271738%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217653620661956135249%22}&andc=true
Request Chain 90
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 94
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIALF5ZEIZfq-FLCriM0PxI6ksA6XzN7Mafnqs_OHEN6419SLDhABIJGHnTlglQKgAZed-NkDyAEBqQJax73hMsW0PqgDAcgDywSqBJYCT9C2ZOzL4qWiyHTlgBAC5SFNYfnIyN2zt8yWDNPrGYuwBBtW2GIh2T9oT7ePPM3p_z3O83SEAxDyMNyyVd32XJx8gXrTsAYzizDW9uGmDvDcjc51MFnmNQSAiptFcQLPBVFrtm0uVLK8MKMkgB0-TEWFnhn1vkV3KeInXEDAzcMXqEg4Mzh0VwhaMPrtst30AU9qgC_8CEbYHLuKkTVoff3BwFbWjAHNNgtEQnR4bn2bU8P0IfozZIZMXN0k_M_8L57OXtU7X0lQy9dIIZXmsstKuLuEOF9i-GNiNBZKY3stZ9GCKl3efVKBAdKWJ90kDwffxxS23EYhRsYRxXR5aE1ASoU67Hab22CcrxFZiFqnh3VujmLABPDyudTtA4gF-rPnnzaSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH0eKHJqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENHcCNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCUlodHRwczovL3d3dy50b3RhbGFkYmxvY2suY29tL19mXy81ZWZlZjYyNzRkMjJmL2NsaWNrL2dvb2dsZS9hZHJlbW92ZXIvZXUygAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTc3NTA3MTkxNDQ4NTAyNTcYAA&sigh=xUf4s4AqGCw&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW2ZRvXXa-yLQZYpS45wg27qMi0H1UGMCCQhV6n8Uj1j6RhZ97kieqd9CsalFJgXWHoeNlBXNVCBgB&template_id=5028&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221197610534396388997%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22993922711%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223323166250595199905%22}&andc=true
Request Chain 120
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECan2uoEkoS5PiacsiznOro&google_cver=1&google_push=AXcoOmSqa0RSJY7rfpS1qF9Nrmf2MbBdYLemKkaDR2v7ftK7t2poxzoVAyiyN1kp3jr4ABONiiQAouK6NFRuo44ngOZ5udgZV6AJo-Zs HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSqa0RSJY7rfpS1qF9Nrmf2MbBdYLemKkaDR2v7ftK7t2poxzoVAyiyN1kp3jr4ABONiiQAouK6NFRuo44ngOZ5udgZV6AJo-Zs&google_hm=WmclAHX3ZhAlLVNCkla4xg
Request Chain 121
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cver=1&google_push=AXcoOmQLh4U_qALHhw-n4s9nMHt4T5UbuyVO1b79BnXx3CATxPDSE3L7KZy5RtZqWUqjh7ARqGMYgHMCiZ9gMv6srKVeVaRbkTMjL0pi HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cver=1&google_push=AXcoOmQLh4U_qALHhw-n4s9nMHt4T5UbuyVO1b79BnXx3CATxPDSE3L7KZy5RtZqWUqjh7ARqGMYgHMCiZ9gMv6srKVeVaRbkTMjL0pi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3owTUpySWYxUUlpRU01&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cver=1&google_push=AXcoOmQLh4U_qALHhw-n4s9nMHt4T5UbuyVO1b79BnXx3CATxPDSE3L7KZy5RtZqWUqjh7ARqGMYgHMCiZ9gMv6srKVeVaRbkTMjL0pi
Request Chain 122
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPR12f5vq6M3rksR-weWPHw&google_cver=1&google_push=AXcoOmTzUELnOSALcK0hblExY2tDC4xLXK_1I_wEyCxyy7FOliSQJhZin37jWhnRWg7t47LaEi6uBLVfUg02khz29iQIXi1eWrnbNK72 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzUELnOSALcK0hblExY2tDC4xLXK_1I_wEyCxyy7FOliSQJhZin37jWhnRWg7t47LaEi6uBLVfUg02khz29iQIXi1eWrnbNK72&google_hm=uxtXlj9qTLmAbDgmYCjWifM
Request Chain 124
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-iD6XGdQNhGi8eXa8cuik&google_cver=1&google_push=AXcoOmQXNIuxH0_7gHvydS-OfFpakoBp09xAJi-Y6InLJR3Pcli3SP1ihAltN77utzQXuhUTfgdKxcQY1eoGCBInUst5459ieHpwPbPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmQXNIuxH0_7gHvydS-OfFpakoBp09xAJi-Y6InLJR3Pcli3SP1ihAltN77utzQXuhUTfgdKxcQY1eoGCBInUst5459ieHpwPbPg
Request Chain 125
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPsoBPuir4CpQsrSOdS6Zu4&google_cver=1&google_push=AXcoOmS5A02g_1UjLk2_lmCYiAcg8Tef-HkpKkg7xS24Q6bWVNu3a_txaUqTnzVhcx2FMPVtWZcUljBWYB4SOtjgI8ONhI0QNt3DX35W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS5A02g_1UjLk2_lmCYiAcg8Tef-HkpKkg7xS24Q6bWVNu3a_txaUqTnzVhcx2FMPVtWZcUljBWYB4SOtjgI8ONhI0QNt3DX35W
Request Chain 126
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENfl3Zxf-mLwJKHGwW8PwVo&google_cver=1&google_push=AXcoOmTbMJZtBNisuXdj6HA2h6vV1MLYhKOLqyap8AbCTYSVQXwU0diQ_AXnIkVI1BrYliPqaF_kU03pe4ODdvCORvRKNBFLQIp7r0l1bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTbMJZtBNisuXdj6HA2h6vV1MLYhKOLqyap8AbCTYSVQXwU0diQ_AXnIkVI1BrYliPqaF_kU03pe4ODdvCORvRKNBFLQIp7r0l1bg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 129
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ChvVk55EIZYP9B92ciM0Ph6uAwAyA0LOkcri6t7DEEb2N-sGXHBABIJGHnTlglQKgAbrb45gDyAEJqAMByAPLBKoEiwJP0Jc0mjaybI3ePW9WFKe07RwOAV00iVVBy4fn3REeXwzeI_-lRFus3iYtrYDp3HDDBtM7-LWpgSdxiXM7Ymvp9E-bDOTS13_CGE-ACvK4ki4Nem0g-A65cnUI_y5fHNf1hX9S6wzNpGtDuACa8I8S8otq-Xvrg1vypyXR5ZyzU0-a9m9Uz_rDA4CsA6xMiwCFfcYzM4swa3MN7LYTIdEtiibklUXzqihf-3z7z58weDXo0mWh2FeORT8-lXjt1HbMf4qRd9sFepQn0A_ulx-LQGmTbTGQD8dmMj9TOiAMa15Ad6ax0ctBc5aggfObDIx3GioFcIbb9BHrFODv-beMh4CHya6Sdv8GW-DABN2y37aiBIgFuIfy0EmSBQQIBBgBkgUECAUYBKAGLoAHrqScZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOSrTtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCZ4BaHR0cHM6Ly93d3cuaW5mcmFnaXN0aWNzLmNvbS9wcm9kdWN0cy9pZ25pdGUtdWktYmxhem9yP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1pZ25pdGUtdWktYmxhem9yJnV0bV90ZXJtPWdlcm1hbnktZGlzcGxheS10ZWNoZXhlYy1sbS1uZXeACgHICwG4E-QD2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTc3NTA3MTkxNDQ4NTAyNTcYAA&sigh=XXbXELVfBPk&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW6jZ4Ef5k1FD8lJu-LdLqdEWgTxmwzb_iH2Ym5umYqDqC_Wcgg3owngnuoKmx6P1i-fnnzj_FTBgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226555659363665886585%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22857271738%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229797362496735592721%22}&andc=true
Request Chain 144
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMEq-aDXKpqCEHDSlUqI0dk&google_cver=1&google_push=AXcoOmRQaCqY7HRzWJAHHIoxuZ8Dl8P4weOj4t5hi6e-B2YAwJG3LHvd8gX806fv6vchyhbk2qBfMo8jFaah8jw-clgAogA4kBtaHleN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDIyOTIyNzU3MDg1NDA0NA%3D%3D&google_push=AXcoOmRQaCqY7HRzWJAHHIoxuZ8Dl8P4weOj4t5hi6e-B2YAwJG3LHvd8gX806fv6vchyhbk2qBfMo8jFaah8jw-clgAogA4kBtaHleN
Request Chain 148
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3LGB55EIZZuHDv6XiM0Pr4CY6A2XzN7Mafnqs_OHEN6419SLDhABIJGHnTlglQKgAZed-NkDyAEJqQJax73hMsW0PqgDAcgDywSqBJcCT9BxQSRpygjtba0x7yNdEHSgxbGGMcmGi32tnuVEwMXIiEDwDuu94QsAXJtXZrNSmisQyBqrX7GLrjU2RRcPfvVNVO-BI-H7K89vbniuAAeOJukRBcgCbCV4w5fYq3HtAgs8rVZE_jKXdaFttP8WG36wjlEorhB8QDGdI0G8DcUYPbTezY_csKHNJbiUElGky3Is_X7RgxRihvE9EC6ZlLcM0slF_jFaOV_MSZ412eOddFxDOp0pHUF3mtzHYhuFLhvvhQ1tuPes3bqPfvn-l9fvnw2oLaiXhyDOCmfanuvO-sbisdgf-p7cye0gLgkkFmCZTkqSskvIoIvpFNaropFNUcAWh3Of6TAD2L-p_8HFkT362-ofwATw8rnU7QOIBfqz5582kgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9HihyaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDJlRTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglJaHR0cHM6Ly93d3cudG90YWxhZGJsb2NrLmNvbS9fZl8vNWVmZWY2Mjc0ZDIyZi9jbGljay9nb29nbGUvYWRyZW1vdmVyL2V1MoAKAcgLAbgT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzc1MDcxOTE0NDg1MDI1NxgA&sigh=B2czpGdLUZ0&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW15PYJatJpVN3Qyeq_Sjl_O95yBFWTK2QVfdTz8YQfGExkeBy9fVxAO3EWekqhY183eLSbyr1iBgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215142793276236908835%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22993922711%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222057803167163814353%22}&andc=true

143 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/ 		321 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
353e5a705699ebcd7024c99b5c5046ad05ffed2bdfc2a9f134de365b0c0aa08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-railgun
direct (starting new WAN connection)
cf-ray
808b876f6d9218dc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 18:07:32 GMT
link
<https://malwaretips.com/blogs/wp-json/>; rel="https://api.w.org/", <https://malwaretips.com/blogs/wp-json/wp/v2/posts/132063>; rel="alternate"; type="application/json", <https://malwaretips.com/blogs/?p=132063>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFF5Yh0OUYcKWi6gfQr%2FApBzzU52BvUD3x%2FDFYLofC%2FA%2BxqFXlnjf6gmACm1dDGMulETrQr2ta8o0TddHO598W5RXstOzn4DUVOTYw1OIrNhDkVE89r4cphC%2FAm5um%2F%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
wpo-cache-message
In the settings, caching is disabled for matches for one of the current request's GET parameters
wpo-cache-status
not cached
x-powered-by
centminmod
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
wpo-minify-header-8cbb0ee5.min.css
malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-header-8cbb0ee5.min.css
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
d583e78be1c771e09b8be2381445b51881ecc4a3738e0208bd85fca53ed91c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520421
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Sep 2023 17:25:45 GMT
server
cloudflare
etag
W/"65009f19-3565"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWa%2BriAL6X7YVyVo1sYrDctF83JpRWwhMrrnKlNRpuk0vWR2A1HmPXJWYwRj3KurCFZkAlYdwTr2Rw%2F4bYJaYAyu6VB00yIc6kjHsin64SuAMNNA6FSyLOw32YP%2BINL%2Fqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray
808b87736c3d18dc-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
wpo-minify-header-66fe19dc.min.js
malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/ 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-header-66fe19dc.min.js
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
ebe75db23715077cb00530d97e25f8d10683d691ecb672100d823a8431d5f820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520421
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Sep 2023 17:25:45 GMT
server
cloudflare
etag
W/"65009f19-8ed5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWlHHtHuP0NbALcY5UlMQGTaLMz0RMsI7d%2FDw9PnQ44gZ%2BNTtbGY1AZkVxISGK2CwsF4MtFFdKaoxFNKKq2yqx6%2FAj836bil7kAeZSLbuU5lEJavgm2uEZaeNdIy31jDZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray
808b87736c4518dc-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7750719144850257
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69e3541915912729bf1c0ac52ac27e83b075f5134f3ed9e1ff1ab256fc374954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Origin
https://malwaretips.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52516
x-xss-protection
0
server
cafe
etag
14699284362503964487
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:32 GMT
logo.png
malwaretips.com/blogs/wp-content/uploads/2022/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/04/logo.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
c3c6be5983011be9cf40766104660bdc04169ebd90c993cfe3b30644eaa86dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520422
cf-polished
origFmt=png, origSize=3910
x-powered-by
centminmod
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
3004
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Apr 2022 18:25:52 GMT
server
cloudflare
etag
"6259b8b0-f46"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sJnv2mwsf32M1GnlGQuSPO4EgiLQtB5gdQwFfm%2FsoUuXU1eAKSFHPE6oRNKx6GmflEBheHnZZp7tkDuANiaZJr91M7mWfFmpgxMPtthv4hufxlLEEVPPW%2BokgNLZRd%2FSl1UQajycZUldCnHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8773a8bb9a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
truncated
/ 		37 B
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/gif
pattern-bg.svg
malwaretips.com/data/assets/ 		473 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/data/assets/pattern-bg.svg
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
c0a4cccddbd11657216af7fe92edb5e8ebcbd7b687ae9e4740a440d53e161f7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520422
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 15 May 2022 07:08:34 GMT
server
cloudflare
etag
W/"6280a6f2-1d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNI1dIW4oDjjhez3jNV5kcrUNKtq5qbqe5998niEISXucuOoImh5T%2FSluFN2wILO%2F483pXY3zcZMXmo%2FKQJR6IyshLy6zHPQ%2FflcVYOsYB7O8sixM9TdSUDTTPqdR%2FkrxBHzg8Zv6fBPROr3wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray
808b8773e9299a33-FRA
expires
Wed, 11 Sep 2024 17:31:10 GMT
info-circle.png
malwaretips.com/blogs/wp-content/uploads/2022/07/ 		1002 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/07/info-circle.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
397693f737760b4c64ead031dfca2028a0a5a5b9e4b9d4f1f166a7dc4b8fc1f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519568
cf-polished
origFmt=png, origSize=2398
x-powered-by
centminmod
content-disposition
inline; filename="info-circle.webp"
alt-svc
h3=":443"; ma=86400
content-length
1002
cf-bgj
imgq:85,h2pri
last-modified
Sun, 03 Jul 2022 05:00:32 GMT
server
cloudflare
etag
"62c12270-95e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKy7ZLfKWpTODudTrCmU%2F34VTslEK6JuQbDlzz%2FT90fgk8D245UEz91Yugzf7hHcOApQQvx44AluBibEDZVWQsxzSiBeZvJFuBtkPwyEcIKh6%2Bn6Lf%2FbBg%2FHktH%2BTj9CBJIodJtrcV%2BAcunwqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8773e92f9a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
check.png
malwaretips.com/blogs/wp-content/uploads/2022/07/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/07/check.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
4904754b79a6c0457f872a48b1fad942125fc774b68084a3aeeb0480f0a2d497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
256822
cf-polished
origFmt=png, origSize=2823
x-powered-by
centminmod
content-disposition
inline; filename="check.webp"
alt-svc
h3=":443"; ma=86400
content-length
1142
cf-bgj
imgq:85,h2pri
last-modified
Sun, 03 Jul 2022 04:04:15 GMT
server
cloudflare
etag
"62c1153f-b07"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQxxTYppc6UpubqImjP87tN2zH5mXoQLtB0l3T0Xz8pJhp1hTDn4IlWXwIGMC5A%2FiY3K3odNMwJrASYRtor4yaPY3vA1vhtdjgq82flYWeiHP3vSAzlAmbQxl6xFe4kaiopBqo%2BXW3d50YsUUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8773e9319a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
exclamation-circle.png
malwaretips.com/blogs/wp-content/uploads/2022/07/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/07/exclamation-circle.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
ba9a8cf6632dadfa2b6381255728822490bca490644de81cec3f692dae4d669d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261011
cf-polished
origFmt=png, origSize=2608
x-powered-by
centminmod
content-disposition
inline; filename="exclamation-circle.webp"
alt-svc
h3=":443"; ma=86400
content-length
1126
cf-bgj
imgq:85,h2pri
last-modified
Sun, 03 Jul 2022 04:04:16 GMT
server
cloudflare
etag
"62c11540-a30"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DF5NYrEsizLoY5PEyzAq6z8CPMaPl8dslKN5dxYUl9flo9T8FYKL8A3O3Beo%2Boz2vAtBN0kIy804DKxUwqctQ4cBs0sK6zbuWgnSs00wEBmDABaDA4shXxJTb12SoUJ%2BFI2CWEKp%2BppliP6nwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8773f9399a33-FRA
expires
Fri, 13 Oct 2023 17:45:17 GMT
wpo-minify-footer-c6e41342.min.css
malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/ 		83 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-c6e41342.min.css
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
85586d980f6bb1488ce784665c08cb9c68b7ad85d2ad4041a32517032951aa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
518667
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Sep 2023 17:25:45 GMT
server
cloudflare
etag
W/"65009f19-407b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fblThZh0jBXjxBnGd6t9peAiVZ571eRAEskoI9zBoEkZf75RI4ehKO1AF4ER0mS61UlX%2Fyz79W4zSFFWnl2qcdT5sjKxldJmkWpRiYBQ1DluSpcNg01CstBldQyYKrpudwvYaPMdC6P%2BKXv2Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray
808b87748a189a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
wpo-minify-footer-681b16f9.min.js
malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-681b16f9.min.js
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
2a3acb60500d0a360ba65a959af2f94d3068bcf9034493da6d07a5790965cbec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520421
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Sep 2023 17:25:45 GMT
server
cloudflare
etag
W/"65009f19-125e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMELfFYNmjRfHQ4OxnrBeVMDWbCIQwuhx8ZwO9Zu4lewy7QGB5ZWwzAks10RKgoRHxvOCifWU5lSJxw%2FvLQY7NFSYScakFbkqPyvnqTHwsDFqjU3ol6QmGeTcVG%2FFtzG8rphOKnq%2BWW8%2BkvIPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray
808b87748a1d9a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
wpo-minify-footer-fea92c29.min.js
malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/ 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-fea92c29.min.js
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
55efda6c9b70570749b694d43a66a89339acda2c111808f6700c4bfa12ba7201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520218
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Sep 2023 17:25:45 GMT
server
cloudflare
etag
W/"65009f19-88f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFMPrhL5L8xLd8wuu71bm%2B6NO0A1DJu36fxhsE8uxGuEAN30KJmm5joZFIf3WegUUTMB9QJz0wZ3OBlIdKpJrvx9yxpdpc9H%2Bmkp4ma73SCBh7P6EVcgLh3SwMNUvoxIdxAC7KoN94vn45ckWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray
808b87748a209a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
Your-McAfee-subscription-has-expired-today-popup.jpg
malwaretips.com/blogs/wp-content/uploads/2016/10/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2016/10/Your-McAfee-subscription-has-expired-today-popup.jpg
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
34bc2a65f45649c34fc7b20819655175f006e32690dc0684f171afcda19ef415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=18934
x-powered-by
centminmod
content-disposition
inline; filename="Your-McAfee-subscription-has-expired-today-popup.webp"
alt-svc
h3=":443"; ma=86400
content-length
11710
cf-bgj
imgq:85,h2pri
last-modified
Wed, 05 Oct 2016 05:29:56 GMT
server
cloudflare
etag
"57f48fd4-49f6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqUwSIg7QT%2Ff41DANKBlLqPL94XcPpkioUzVD%2BteE1Hi3%2FyIyQVKPzdGHSrzj8SvlC0eNwJPinbGvpLZ6zatw9fcAzDDAgT0WB9B35AzyKYQ2%2FbYlAAP%2BUfTSbgJnfjBohwEyol7fZeNiAJRbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b87749a3d9a33-FRA
expires
Thu, 12 Oct 2023 17:37:32 GMT
warning-your-flash-player-may-be-out-of-date-popup.jpg
malwaretips.com/blogs/wp-content/uploads/2014/03/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2014/03/warning-your-flash-player-may-be-out-of-date-popup.jpg
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
4be192247e9f48d8cc649cc2408ea763c7ac46882833fa11289f5a8e064d463e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=69594
x-powered-by
centminmod
content-disposition
inline; filename="warning-your-flash-player-may-be-out-of-date-popup.webp"
alt-svc
h3=":443"; ma=86400
content-length
42874
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Mar 2014 16:37:14 GMT
server
cloudflare
etag
"531f3bba-10fda"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3dsEO2nuggI3UIUwkmdvRxZXJjq85jZxOAz6LzkXCdCQtzWECqlo5L9uqaElSUp4LOSKwY8MUq8vtZc4DpgSCOXL8tOFOpprUPn1UKWdkYgF0SOHIpw275FDPxeXskxWrB25L11nIpJI5%2Fe8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b87749a3f9a33-FRA
expires
Thu, 12 Oct 2023 17:37:32 GMT
time-2010.png
malwaretips.com/blogs/wp-content/uploads/2022/11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/11/time-2010.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
5a111b146f2635fd687c971dde2a9f422d9d6de37938bf3c6be239f4aaadb327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520420
cf-polished
origFmt=png, origSize=1940
x-powered-by
centminmod
content-disposition
inline; filename="time-2010.webp"
alt-svc
h3=":443"; ma=86400
content-length
1122
cf-bgj
imgq:85,h2pri
last-modified
Sun, 06 Nov 2022 05:14:51 GMT
server
cloudflare
etag
"636742cb-794"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zcwj9XO%2B7MkEInFz1vADwQxgOh5bA00OmVocqtTQDh6sZuxP0vs3Q2LsmJI3yshgBmae%2Fft3RWWyc%2Bsfjewdip%2FLFfJUW6Sg%2BkW0UQqkeh3vgcLf1UU%2BZaZc2eCd5h13%2FSEeL8UQeCPjaq3y8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8774da849a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
icon-guidess.png
malwaretips.com/blogs/wp-content/uploads/2022/11/ 		266 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/11/icon-guidess.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
cd60df712fbaa50cc06b9e94c00acf4628a0dfb19ac0029118bccce498dab892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520420
cf-polished
origFmt=png, origSize=470
x-powered-by
centminmod
content-disposition
inline; filename="icon-guidess.webp"
alt-svc
h3=":443"; ma=86400
content-length
266
cf-bgj
imgq:85,h2pri
last-modified
Sun, 06 Nov 2022 05:14:52 GMT
server
cloudflare
etag
"636742cc-1d6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAKBYLo1%2BACMAhpZpphuQ5H6xKctWVLBVvnh8GpG8kJZiFpFp%2FuurI%2FBa0iOsn%2FbVZQhndYo7pLg7Q2TerTa2Dhhb1p7u7TBCqquK9RNmxeSjXl8ewGvcaU3K9pFMehk4S90AKh%2B7cA3YeVAnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8774da889a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
icon-120.png
malwaretips.com/blogs/wp-content/uploads/2022/11/ 		724 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/11/icon-120.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
6125c210ea6c7e7a1f943039dfce9ca6e949a709e6fe6c81ac5338aff9353658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520420
cf-polished
origFmt=png, origSize=1162
x-powered-by
centminmod
content-disposition
inline; filename="icon-120.webp"
alt-svc
h3=":443"; ma=86400
content-length
724
cf-bgj
imgq:85,h2pri
last-modified
Sun, 06 Nov 2022 05:24:51 GMT
server
cloudflare
etag
"63674523-48a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVaeuHgVznDCF%2F76eRycemZwmudz1GyXhD0ImzOQyaenY0U8qsCFZ7jAbefFUX3SltEJOB4G2t0OcGCngrqpdePJVJ3F3Q2Hje%2BwZXB84s1NuLeafzKwW02hVS9W9PbpKGUM4t3gjsyFi0XaLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8774da899a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
icon-60.png
malwaretips.com/blogs/wp-content/uploads/2022/11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/11/icon-60.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
d93dce436bdb384e42f00b232921e4026aab46ba32f9346691003db7ef3ec3ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520420
cf-polished
origFmt=png, origSize=2259
x-powered-by
centminmod
content-disposition
inline; filename="icon-60.webp"
alt-svc
h3=":443"; ma=86400
content-length
1332
cf-bgj
imgq:85,h2pri
last-modified
Sun, 06 Nov 2022 05:04:51 GMT
server
cloudflare
etag
"63674073-8d3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOOEQ0bkJ5%2Fz0q5LqmcY0YnRxw6WtJ1z5ssx6hHegRV5qaQB4bAzneHPSsnIFrPGEI3QPfZV9LiRwuREaIjtKygY%2FYd0JaQhzhz%2FP5i%2BkWmy%2FhykYnDZCrrQsOsgoTHSJm2mrkX56yWoFCNByw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8774da8b9a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
icon-threads-3.png
malwaretips.com/blogs/wp-content/uploads/2022/11/ 		390 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/11/icon-threads-3.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
60b883eb738106262c4a96f9b764c5cb3dbb9cfb34a73d2adefc39844ac74170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520420
cf-polished
origFmt=png, origSize=740
x-powered-by
centminmod
content-disposition
inline; filename="icon-threads-3.webp"
alt-svc
h3=":443"; ma=86400
content-length
390
cf-bgj
imgq:85,h2pri
last-modified
Sun, 06 Nov 2022 05:04:52 GMT
server
cloudflare
etag
"63674074-2e4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgCH2VvZmupB9gKS2UYDvrRnZ58231Fm2duGYJve3weqgZ%2BKc7wt0TZwO%2FspiAuUnS%2B%2FJ6i7aZKNFuenEW%2Fep71q08DkH2LJrPUCS4vJGwB5EkLLRnCqAPB1xicfr7y6dADJu09LmCbbEcQX8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8774da8d9a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
icon-topics.png
malwaretips.com/blogs/wp-content/uploads/2022/11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2022/11/icon-topics.png
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
113ddf5ecc523fa68b77060bcb6e30609289da876c4b168bb5d7638b9d95469a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520420
cf-polished
origFmt=png, origSize=2077
x-powered-by
centminmod
content-disposition
inline; filename="icon-topics.webp"
alt-svc
h3=":443"; ma=86400
content-length
1210
cf-bgj
imgq:85,h2pri
last-modified
Sun, 06 Nov 2022 05:14:50 GMT
server
cloudflare
etag
"636742ca-81d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHuy5a4LLCBPVFciFu8sS7tBy2%2B7BBAersAKqiM%2BdA1svNTEUymUl%2BJ5iZZp4il6V%2F0LVu56NBpr4yDgocVtlHheCAePVCg%2FnnzbJW8e2cGpvRpY6k1PZXeSXlUfFQQQFNUtfU91hKQjSQR6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b8774da8e9a33-FRA
expires
Thu, 12 Oct 2023 17:31:10 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7750719144850257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a46cf08b1b7aaa9ec120c1d84002bc60cf29771b6cd107f737d137162bd36568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131562
x-xss-protection
0
server
cafe
etag
669843515244294365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:32 GMT
forkawesome-webfont.woff2
malwaretips.com/blogs/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/blogs/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-c6e41342.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer
https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-c6e41342.min.css
Origin
https://malwaretips.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519270
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
content-length
109916
last-modified
Tue, 25 Jul 2023 18:32:18 GMT
server
cloudflare
etag
"64c01532-1ad5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw1PXcf8yc%2BnjA7sQ2tcF3%2FtriEslhOLuS1YWpb7%2BLo543cqqaswF6YyrIEkt15rWOaxrgFAfWPknQL%2FdQWGhm0GZWx91vstFRkHxpclPUXNn9DGXjUA%2BSmnwHYVnfAR0RS%2Bo8cnjwrai9hsRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
808b87753b0c9a33-FRA
expires
Wed, 11 Sep 2024 17:31:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 4BC5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7750719144850257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35455
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 08:16:37 GMT
etag
8554266389219770021
expires
Mon, 02 Oct 2023 08:16:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e0751a5cec343d088082e4bb3a7a3b3b
secure.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=35&d=wavatar&r=g
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
83e7af225aff70e562a90a847fed54c3b8e981aff17f95dec5e1f2c50eaa6d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 18 Sep 2023 18:07:32 GMT
last-modified
Sat, 17 Jul 2021 06:08:49 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e0751a5cec343d088082e4bb3a7a3b3b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=35&d=wavatar&r=g>; rel="canonical"
content-length
2943
expires
Mon, 18 Sep 2023 18:12:32 GMT
Youve-visited-illegal-infected-website-Scam.jpg
malwaretips.com/blogs/wp-content/uploads/2021/12/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://malwaretips.com/blogs/wp-content/uploads/2021/12/Youve-visited-illegal-infected-website-Scam.jpg
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
aaca38cdb158e94a0fed343d59d7ac9e4161ba72ed2560d49b8b8690f2306d78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=36631
x-powered-by
centminmod
content-disposition
inline; filename="Youve-visited-illegal-infected-website-Scam.webp"
alt-svc
h3=":443"; ma=86400
content-length
28840
cf-bgj
imgq:85,h2pri
last-modified
Sat, 19 Nov 2022 04:25:12 GMT
server
cloudflare
etag
"63785aa8-8f17"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPlOs8uv%2BXVp%2FxIwOfarrE7BpKWW2%2BplAJqNCLGoBG0BaMtjhVvG9vsfnId2T0DxyLRAQWUGb6g%2BuDL6iRzrSh8PPF%2F1I2VBsFKcwjkbjkbVZJ9ub4%2BQqgCwhpkuJ1Mjc80g%2BkzpLtJ3Z1BSrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
808b87766ceb9a33-FRA
expires
Thu, 12 Oct 2023 17:37:32 GMT
e0751a5cec343d088082e4bb3a7a3b3b
secure.gravatar.com/avatar/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=33&d=wavatar&r=g
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d35311d353588f7ba5efe65288c514ecb946da395a0e8b168008120ae42e47e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 18 Sep 2023 18:07:32 GMT
last-modified
Sat, 17 Jul 2021 06:08:49 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e0751a5cec343d088082e4bb3a7a3b3b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=33&d=wavatar&r=g>; rel="canonical"
content-length
2673
expires
Mon, 18 Sep 2023 18:12:32 GMT
s.js
malwaretips.com/cdn-cgi/zaraz/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://malwaretips.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUmVtb3ZlJTIwJTVDJTIyWW91J3ZlJTIwVmlzaXRlZCUyMElsbGVnYWwlMjBJbmZlY3RlZCUyMFdlYnNpdGUlNUMlMjIlMjBGYWtlJTIwQWxlcnRzJTIyJTJDJTIyeCUyMiUzQTAuOTI4NDQ2NTE1NjAyMTY0OCUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGbWFsd2FyZXRpcHMuY29tJTJGYmxvZ3MlMkZyZW1vdmUteW91dmUtdmlzaXRlZC1pbGxlZ2FsLWluZmVjdGVkLXdlYnNpdGUtc2NhbSUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTEyMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:45fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bfa37eb9df0fac1740ca416ce5c941e8224c3796d98376b34c0e67b83b78cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://malwaretips.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sd29%2BJb1%2BtyuUDSDH1xhfQXK5uR%2F9aV401GdRn86i1exv6AN4TWA6xEy%2FG6G0ZQqqK4rZ9lc5nPVrFGgwUdu%2Fd0XUutjJ0CwgXwEtY7htOyzu4vuXfME2PyBWWMODEMO1Eili8mFGgEJVcDCVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
808b87769d379a33-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
alt-svc
h3=":443"; ma=86400
cookie.js
partner.googleadservices.com/gampad/ 		397 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=malwaretips.com&callback=_gfp_s_&client=ca-pub-7750719144850257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e1eacd7418360b6069eff57f52863576c26ac92b3aa797fc8a64adf5f65789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 043D 		41 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&adk=1812271804&adf=3025194257&lmt=1695053253&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452645&bpp=69&bdt=271&idt=333&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2938582872082&frm=20&pv=2&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=367
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a96a2e47105cf8e172977e617dad40c74a8e5041e8fd2b182ff6532243af3a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
3198
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:33 GMT
expires
Mon, 18 Sep 2023 18:07:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D1CB 		110 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ab6a6fe45623e0e9a0057f7be910200a44d1b50f33ea4bca1b8ded71f4df99a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
37728
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:34 GMT
expires
Mon, 18 Sep 2023 18:07:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 569D 		108 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d0fd03fb5c8967ffaba378dba482c544f2e2001be45578dabb9f54b5b2bccc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39106
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:34 GMT
expires
Mon, 18 Sep 2023 18:07:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 51B9 		107 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36699799531c9b49bbdd7429ca0e2df78b3e45e9cc2a87efd743aeae92d6ec58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39796
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:34 GMT
expires
Mon, 18 Sep 2023 18:07:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame D1CB 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 17:13:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Sep 2023 18:07:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame D1CB 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame D1CB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 06:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame D1CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 12:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 12:13:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame D1CB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1CB 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:34 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame D1CB 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 17:47:48 GMT
3443263986982737374
tpc.googlesyndication.com/simgad/ Frame D1CB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3443263986982737374?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15de3f0301ba27f88c74b78e431e72eea0a39c21adbea13b56889ca86960357b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:57:50 GMT
x-content-type-options
nosniff
age
173384
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1404
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 11:05:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 17:57:50 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5664718325996965866/ Frame D1CB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5664718325996965866/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89246d090572a3337dfbc53d719f3c47ccafb50b4a9f25a18d8a49e6278403ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:45:36 GMT
x-content-type-options
nosniff
age
195718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25122
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 09:46:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 11:45:36 GMT
truncated
/ Frame D1CB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce93fe3026faafbca25f2650aefcd23d6415b1885d4f2b356b010888895b725b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D1CB 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D1CB 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e8ec77f208909bfc3ee616bb90ba20825a943a991c5cd49e678ab2e28f56865

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 569D 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 16:41:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Sep 2023 18:07:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 569D 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 569D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 06:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 569D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 12:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 12:13:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 569D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
l
www.google.com/ads/measurement/ Frame 569D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWPislRFJIobDNdkPFxeD7JPXB_hwcjP-byTAShQ2fSNVmRWy8FI3uDJ4FRYasXwuHY25m4nrznU3153XXpyyiHFgz1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 569D 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:34 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 569D 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 17:47:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4117 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Tue, 19 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D1CB 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options
nosniff
age
478386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 05:14:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame D1CB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUXV15ZEIZbrSBoHA7AOMp4LYBZ6rzNJyjcbp_LwRZBABIJGHnTlglQKgAaXh9LcDyAEBqQLCxxk51eOxPqgDAcgDywSqBIcCT9D95bDNUoCyXTXCQ4-4IuJtlIZKahXX1QqtTlWYil3P10O...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221339920008044109868%22,%22debug_reporting%22:true,%22destination%22:%22https://zolar.de%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221339920008044109868%22,%22debug_reporting%22:true,%22destination%22:%22https://zolar.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22922562725%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22438373975390901521%22}&andc=true
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1339920008044109868","debug_reporting":true,"destination":"https://zolar.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["922562725"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"438373975390901521"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 18:07:34 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Sep 2023 18:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1339920008044109868","debug_reporting":true,"destination":"https://zolar.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["922562725"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"438373975390901521"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/8713707925352896608/ Frame 569D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8713707925352896608/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd93394fd619f798a96b816d476d14b14051345cbf3b7edaaf2a8eb11720a925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 23:58:13 GMT
x-content-type-options
nosniff
age
497361
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30392
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 19:07:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Sep 2024 23:58:13 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5764291513729847510/ Frame 569D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5764291513729847510/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2011589699e6f1fbd716af022e7069cca8e54f4bf8637143c2eaf876c02f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 21:49:27 GMT
x-content-type-options
nosniff
age
505087
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4548
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:40:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Sep 2024 21:49:27 GMT
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 5379 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=600&slotname=8704329093&adk=23021064&adf=2384537785&pi=t.ma~as.8704329093&w=300&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&format=300x600&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060452714&bpp=3&bdt=340&idt=307&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1190&ady=2618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P1HS8WTaT5&p=https%3A//malwaretips.com&dtd=343
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
289822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:37:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 51B9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 06:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 51B9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 12:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 12:13:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 51B9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
l
www.google.com/ads/measurement/ Frame 51B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnZuMaXKWVdb4zN1JiIim8zZxEWXA80_XFbR9cH8uK-B7-rGtzDU6QE51Y_aVihy26ns-a9IURN6ZN6y68RWtL8sINew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51B9 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:34 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 51B9 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 17:47:48 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4117
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJo1wGePVVTpfCpIyTK-y2I&google_cver=1&google_push=AXcoOmSpzLaOn8gt-te5Klz006azfByfMyp1LkNj-N4K2KMSrPQqbtnwLWjxSiUWRiLjfPzIEy7c6DmS37jVCKmm9uEX70MSWOTEp-4
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgwMjA5MDA5MTc4OTQ1ODEwNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 4117 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHBEEbHSh9VU-WcAlbGrEHc&google_cver=1&google_push=AXcoOmS4HLRPF5owVJwltlMdjqB4PehOpocmJ0aOeUl6hr-q4sAV8qs4ZidkRMb1yM0KkcLR2wClR4JFQ5bM04NDSNl8E81dzZRiPIY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 4117 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM1d3d3a0Vj6JvG_yrufI-g&google_cver=1&google_push=AXcoOmTR5NdSKVGAOAXxO70BrSxBfittnYyArkxxAWJlWC3s4ppziMY-Cix6DWTfpE4hCgmxy2DOTapij0nXdQq8gLpZmpowaTRXmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4117
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIJTQEELIWNeiliiKc91x3o&google_cver=1&google_push=AXcoOmQira3omPUe3eRy4XNTy46NdC-SSCNo0Pw5Lf9ply7yNgwDzdHFwgIXYsnwUJ6FFgePU5ihVr_OvXHYDmmXmamhNXsou165q4Y
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmQira3omPUe3eRy4XNTy46NdC-SSCNo0Pw5Lf9ply7yNgwDzdHFwgIXYsnwUJ6FFgePU5ihVr_OvXHYDmm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmQira3omPUe3eRy4XNTy46NdC-SSCNo0Pw5Lf9ply7yNgwDzdHFwgIXYsnwUJ6FFgePU5ihVr_OvXHYDmmXmamhNXsou165q4Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Sep 2023 18:07:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmQira3omPUe3eRy4XNTy46NdC-SSCNo0Pw5Lf9ply7yNgwDzdHFwgIXYsnwUJ6FFgePU5ihVr_OvXHYDmmXmamhNXsou165q4Y
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Sep 2023 18:07:34 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 4117 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQAjYK8m7OcviafcufVfP-NY5MszQ8TsQ2BdVHTic5K6vIxwSuO_QeuJD2DLlsSEhqeGSMCDHJfcTZWxbbSd3G0HrrQODxTbCE&google_gid=CAESEHCXAOzpVcWFk2aSJ_6S-h4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:33 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
303772
expires
Mon, 18 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4117
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHYGAjjekXHE3bic6bjWhj8&google_cver=1&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9QmwLf...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHYGAjjekXHE3bic6bjWhj8&google_cver=1&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9Qmw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9QmwLfmImNSnrz4uJnmbLfLWvlmSg
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmSWjJphKN-JcpQImVdo2Q6vyaA6QDwMVY-ua0UysFMbIGUZrCoP4Bi1y9J1jmTeOj3F-s9QmwLfmImNSnrz4uJnmbLfLWvlmSg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4117
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAVKFlgRLNn9ArrQDIg9HnM&google_cver=1&google_push=AXcoOmTc9jJFk9hpLxnaXhTTksSdcKzHyIOwTaOb6gtkE-R_u2161uFNG9FMwqPtZogVXzw8LQYKTJ8rKO1P...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTc9jJFk9hpLxnaXhTTksSdcKzHyIOwTaOb6gtkE-R_u2161uFNG9FMwqPtZogVXzw8LQYKTJ8rKO1PQjM5dJ3qhHt_Jv3GFQ
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTc9jJFk9hpLxnaXhTTksSdcKzHyIOwTaOb6gtkE-R_u2161uFNG9FMwqPtZogVXzw8LQYKTJ8rKO1PQjM5dJ3qhHt_Jv3GFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTc9jJFk9hpLxnaXhTTksSdcKzHyIOwTaOb6gtkE-R_u2161uFNG9FMwqPtZogVXzw8LQYKTJ8rKO1PQjM5dJ3qhHt_Jv3GFQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 4117 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbE3e3ptN_buOKgcnyNgf9vsm5TJrqEs71r7QFhDiSlqR9QQ4dj244lkQfyswBmnowC_sL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 51B9 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 51B9 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:16:19 GMT
x-content-type-options
nosniff
age
345075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:16:19 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221339920008044109868%22,%22debug_reporting%22:true,%22destination%22:%22https://zolar.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22922562725%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22438373975390901521%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 18:07:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CF8F 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 17:08:14 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7482 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Tue, 19 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 569D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230913&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 569D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a7c861ca1c1624391d51b4f7ed3e499abb26666b893599486b4d2bec8a8797b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 569D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:26:14 GMT
x-content-type-options
nosniff
age
520880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 569D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options
nosniff
age
417558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 22:08:16 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7482
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1&google_push=AXcoOmTkE0qQTkE8Up6vikVh3vg05fsIYKkadvAAz2jaPaAF4PCkqN9kvJ4oQHXnnQAUqnNTzvqMryK-Xn8uYTZ0CneBG73Jsv6cIbH2
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODgwMjA5MDA5MTc4OTQ1ODEwNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDOz6W9Y1xZDbV7E41EZi1I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7482
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5gq9pBkBqIF2jV3bPbP6I&google_push=AXcoOmQqHwkcnCwmYYideSOqYGmBh0TRPquamG8x8Rb4lPfVrTy5g252Ng...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5gq9pBkBqIF2jV3bPbP6I&google_push=AXcoOmQqHwkcnCwmYYideSOqYGmBh0TRPquamG8x8Rb4lPfVrTy5g252Ng2sjbHLr7R3f0xycpGkNwoVXAqRf0Qv4vw0IhSAJxDJ4n-e
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230046-FRA
pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1695060455.806899,VS0,VE104
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEB5gq9pBkBqIF2jV3bPbP6I&google_push=AXcoOmQqHwkcnCwmYYideSOqYGmBh0TRPquamG8x8Rb4lPfVrTy5g252Ng2sjbHLr7R3f0xycpGkNwoVXAqRf0Qv4vw0IhSAJxDJ4n-e
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7482
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEA7O8qogxGx9eJrE6Ye_Rgk&google_cver=1&google_push=AXcoOmTu9EiKQtXwyi6KqYv9JVORaOgnmfPylvyYRwVwBTnyTGvaLJIcnHmDaVA9XTyuFpgLz-k4pRYBPkDqi0S5PrvqohcYTfhyBfI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmTu9EiKQtXwyi6KqYv9JVORaOgnmfPylvyYRwVwBTnyTGvaLJIcnHmDaVA9XTyuFpgLz-k4pRYBPkDqi0S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmTu9EiKQtXwyi6KqYv9JVORaOgnmfPylvyYRwVwBTnyTGvaLJIcnHmDaVA9XTyuFpgLz-k4pRYBPkDqi0S5PrvqohcYTfhyBfI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Sep 2023 18:07:34 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=86764B6F71CC48D9B46FA92F7C4C04A4&google_push=AXcoOmTu9EiKQtXwyi6KqYv9JVORaOgnmfPylvyYRwVwBTnyTGvaLJIcnHmDaVA9XTyuFpgLz-k4pRYBPkDqi0S5PrvqohcYTfhyBfI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Sep 2023 18:07:34 GMT
google
match.adsrvr.org/track/cmf/ Frame 7482 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJseEaY-iQmWuYUWBR8ZceU&google_cver=1&google_push=AXcoOmSN5l13XLTCod8Oi183q4OOJR5DhhF2OWNx-aLQHfMTYutflF_DpzQ-YjeiSFGlgQ1QQn559m681p3kQYlTnWV9p2tE-vbVMHM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7482
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPR12f5vq6M3rksR-weWPHw&google_cver=1&google_push=AXcoOmT8ydgSSJUYpRGbZdmcz-uuGpJCx29hZ5ns2qa5jsQnmQNPcEV1iX2RbKxHiwrpXyLqvJBMvRN79nu...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8ydgSSJUYpRGbZdmcz-uuGpJCx29hZ5ns2qa5jsQnmQNPcEV1iX2RbKxHiwrpXyLqvJBMvRN79nu5bDcIvMGEgqZPD7fup9y_&google_hm=uxtXlj9qTLmAbDgm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8ydgSSJUYpRGbZdmcz-uuGpJCx29hZ5ns2qa5jsQnmQNPcEV1iX2RbKxHiwrpXyLqvJBMvRN79nu5bDcIvMGEgqZPD7fup9y_&google_hm=uxtXlj9qTLmAbDgmYCjWifM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:34 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8ydgSSJUYpRGbZdmcz-uuGpJCx29hZ5ns2qa5jsQnmQNPcEV1iX2RbKxHiwrpXyLqvJBMvRN79nu5bDcIvMGEgqZPD7fup9y_&google_hm=uxtXlj9qTLmAbDgmYCjWifM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7482 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIqHG-cm5yh46qYODz69hjw&google_cver=1&google_push=AXcoOmRCmWXlPC-_FqZtuUpPaWxZxuYwRFcAcWbeUXaXNtZINZIzx-kH4EPU4C41WkOqhMzbLQrFd9_7JMxFCPnm9yFD46OU4y8mmOUM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 7482 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGKjUTT4rKWCigGbFd_tpJM&google_cver=1&google_push=AXcoOmSy2-yETT-KqcMpS2RkVRRg__R_5D26j1uqcsy6wPrgunBhmQsN2HrUpVZcnPNg-cnAp2AU556rzMtx0yJTGkd7N9yidQXItM7y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 7482 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAQpOYrRZrRp9YQDbNAiE80X4IDWp4MAsD4527ZEO-ZkV5aR_SfYHTSFW7qkMV1u5vru60
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.googleadservices.com/pagead/ar-adview/ Frame 569D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C0rjH5ZEIZe7jD6iViM0P5P-IoAG15JzdcfuJpaWUEPqyz7jpHBABIJGHnTlglQKgAbrb45gDyAEJqAMByAPLBKoEhQJP0OcstZybgDyfbJgvCurACxdA7RiI-U5AtnhNTVjsux0TPmglH_Y...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22628649520923035144%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22628649520923035144%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22857271738%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217653620661956135249%22}&andc=true
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/remove-youve-visited-illegal-infected-website-scam/
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"628649520923035144","debug_reporting":true,"destination":"https://infragistics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["857271738"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"17653620661956135249"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 18:07:34 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Sep 2023 18:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"628649520923035144","debug_reporting":true,"destination":"https://infragistics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["857271738"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"17653620661956135249"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame CF8F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:34 GMT
expires
Mon, 18 Sep 2023 18:07:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:34 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 51B9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44a0fe246d2896663188c4e02e9b1d0609650a65144cbfa8e0d84cd4bcbced79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 27DD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=2483349045&adf=3728510242&pi=t.aa~a.249518001~i.25~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1695053253&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2980906025&ad_type=text_image&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rh=200&rw=1000&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453204&bpp=1&bdt=830&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600&nras=2&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=AHo2DNGtgh&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
289822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:37:12 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22628649520923035144%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22857271738%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217653620661956135249%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 18:07:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 51B9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CIALF5ZEIZfq-FLCriM0PxI6ksA6XzN7Mafnqs_OHEN6419SLDhABIJGHnTlglQKgAZed-NkDyAEBqQJax73hMsW0PqgDAcgDywSqBJYCT9C2ZOzL4qWiyHTlgBAC5SFNYfnIyN2zt8yWDNP...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221197610534396388997%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221197610534396388997%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22993922711%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223323166250595199905%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1197610534396388997","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["993922711"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"3323166250595199905"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 18:07:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Sep 2023 18:07:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1197610534396388997","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["993922711"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"3323166250595199905"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7750719144850257
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-fea92c29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
798db210e3a0450731b8d31c73579a4b66c3ea9846c454fe4826be2822a74fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Origin
https://malwaretips.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52549
x-xss-protection
0
server
cafe
etag
269368958927810258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bb03954e49a16ebc7f0c6c2a93349d0101eb79586849f8978215025be18da95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12223
x-xss-protection
0
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 088C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&adk=926476324&adf=3807511576&pi=t.aa~a.2112067859~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1695053253&rafmt=1&to=qs&pwprc=2980906025&format=360x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060453275&bpp=1&bdt=901&idt=0&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&pvsid=3108470924777406&tmod=1907607205&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JiycCOnegx&p=https%3A//malwaretips.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
289822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:37:12 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221197610534396388997%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22993922711%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223323166250595199905%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 18:07:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 18:07:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7750719144850257
Requested by
Host: malwaretips.com
URL: https://malwaretips.com/blogs/wp-content/cache/wpo-minify/1694539545/assets/wpo-minify-footer-fea92c29.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a49ad6919d87328762787f3eb317eb5ecf70f47ef2038af9db7982b3465c0ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Origin
https://malwaretips.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52548
x-xss-protection
0
server
cafe
etag
3531398746935463198
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:35 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2E6C 		110 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d709b74c57c613ce96b526090ce3770ed5b6119c58d3b8141e75ee1e19672b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
39668
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7231 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 16:19:59 GMT
expires
Tue, 17 Sep 2024 16:19:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 14D7 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
80a7097a4f79042d9249213b4d73c4d9bd08b3dd18554d2f18c2df8de2657a55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i_ZZ4oSyqGpa8Ul626q5BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-i_ZZ4oSyqGpa8Ul626q5BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:35 GMT
expires
Mon, 18 Sep 2023 18:07:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 7231 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 16:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 16:20:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 14D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=3108470924777406&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame ABB0 		107 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7750719144850257&plah=malwaretips.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c27b88871611575b10d52624f9f3c7c5fcde8ac801ca21ae6518089ab577d86b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://malwaretips.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
38232
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 18:07:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 7231 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9VqpAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=3108470924777406&bg=!6-il6KfNAAbP3fMH7907ADQBe5WfOKvNwhvW7HvFaEy5cLtBP06erEvso3Dw-qnMI9nWsBg2xjmmjBQb3jslYan0XzHhAgAAAIJSAAAAC2gBBwoAFXxzdITFziOxhjs0fXDju_GylNh03pkC5Piru9s5rXsAmGsnLRghO3ZoozH5VtZ5a7NhSzNIH0UxY_Z7htkROlS_-4Q0EUNW84KFlCpMMoCJuIrlkFLhkJaTWM6VflBhGHr_klXzJCy_6xiwkN4H-Cgmq6vZPrHs4-zkyMGBnagn1eEZYFn3jcwzhSECKYVvsYlXGCFeXqbmw0OhNYM9aMHkoz0LLMNQ_yFGlw1ZAjbzDzFpbyUMFIGMolKYP2xjCwQUZw90WawXQqo5JymxLNcAVeSVeE5WKXy1FfHILrumLNMThs1O1Q4Am8FqJjdAgabIjWhM6H2377xLiP__-98YO6g7CBu523t2hG-csHNgkyu8MAgBj_jG_hWKQF_GFs9flIFU16ALZn71AgEgqFFLfJhYT4X3lHi-ka1xTaUNDucSJ8sE48XqSCAFKLj9NUuCr6NTmZ4YKfzKdttegaDUVMMllYhNmwEYatJn61TyAYL_QoNF9yrH51TnNEJEah-YxiITzWJBEtb1W_nMGGttmpNAFt0T2gnQpdDMSOj5nXIWsy8WHQVUvK1j-in81JduXQLfKhK5lr0EjO_gCXCf6lMaj4mK-ss5jIMU1SY4iYSTM-sLdUO-5YdnagwUSBU1aXWlQ9jxivqRtWdq8pewgjg_5WAKCQDpl92XL7lgNSmphVlM-jyJQ2m5q0jRLZUlprqCiP_qfETGOnAGRmFx7wr1fB_suw0TRaJL56JqA2w4ydOaSniywRa79alomkS8eb2AeCqvcAGJYAm1Do3BbcvHzsHHuh2HVvTG9QN1HXorjyt5riK8mmQXfEOx7Sx5WFDy_XB6zI_MCmGjijEuz7v6utGbTsC5QRs6OmpBxXRldA7pd5haMHCKD-USjqqzumUpjxpu40bjGJmzKgbHt_LmEK9r5bsSqSYoobBLE4WeQIzDem4mvrwf_aY8J-WK4SOdQM9Ma8mV1f-HZuSNXtYTUOh8NlnhqSZYFkGRvL477EtQXfpg8-ed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://malwaretips.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 2E6C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 06:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2E6C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 12:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 12:13:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AF7B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Tue, 19 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2E6C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
l
www.google.com/ads/measurement/ Frame 2E6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRB-yPr6OFJmD-_faL8L6v0pCOvK_shnzO_hSooncW5Ck2t8XBl3483WP2apix-sMMXOb30a0vjspkrTduFWoq-eaVRQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E6C 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:36 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 2E6C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 17:47:48 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/8713707925352896608/ Frame 2E6C 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8713707925352896608/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e866c56164d7238c3052c7ddf5d60be2097b9e8880ca0018e377b982916cfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 04:20:11 GMT
x-content-type-options
nosniff
age
395245
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28987
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 19:07:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 04:20:11 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5764291513729847510/ Frame 2E6C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5764291513729847510/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed274a47a786c7ec9a3d172f000f9b9faba6b9edf15fbdfe7193bc6fb9d09399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 00:50:08 GMT
x-content-type-options
nosniff
age
235048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4545
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:40:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 00:50:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E6C 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:26:14 GMT
x-content-type-options
nosniff
age
520882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E6C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options
nosniff
age
417560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 22:08:16 GMT
pixel
cm.g.doubleclick.net/ Frame AF7B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECan2uoEkoS5PiacsiznOro&google_cver=1&google_push=AXcoOmSqa0RSJY7rfpS1qF9Nrmf2MbBdYLemKkaDR2v7ftK7t2poxzoVAy...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSqa0RSJY7rfpS1qF9Nrmf2MbBdYLemKkaDR2v7ftK7t2poxzoVAyiyN1kp3jr4ABONiiQAouK6NFRuo44ngOZ5udgZV6AJo-Zs&google_hm=WmclAHX3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSqa0RSJY7rfpS1qF9Nrmf2MbBdYLemKkaDR2v7ftK7t2poxzoVAyiyN1kp3jr4ABONiiQAouK6NFRuo44ngOZ5udgZV6AJo-Zs&google_hm=WmclAHX3ZhAlLVNCkla4xg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSqa0RSJY7rfpS1qF9Nrmf2MbBdYLemKkaDR2v7ftK7t2poxzoVAyiyN1kp3jr4ABONiiQAouK6NFRuo44ngOZ5udgZV6AJo-Zs&google_hm=WmclAHX3ZhAlLVNCkla4xg
pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF7B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3owTUpySWYxUUlpRU01&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cver=1&google_push=AXcoOmQLh4U_qALHhw-n4s9nMHt4T5UbuyVO1b79BnXx3CA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3owTUpySWYxUUlpRU01&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cver=1&google_push=AXcoOmQLh4U_qALHhw-n4s9nMHt4T5UbuyVO1b79BnXx3CATxPDSE3L7KZy5RtZqWUqjh7ARqGMYgHMCiZ9gMv6srKVeVaRbkTMjL0pi
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 18:07:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-gfcd4f77#rel-ec2-master i-01c25810fe6c49baa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d3owTUpySWYxUUlpRU01&google_gid=CAESEDxmlvvFclYLbM3FQqW1U6w&google_cver=1&google_push=AXcoOmQLh4U_qALHhw-n4s9nMHt4T5UbuyVO1b79BnXx3CATxPDSE3L7KZy5RtZqWUqjh7ARqGMYgHMCiZ9gMv6srKVeVaRbkTMjL0pi
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF7B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPR12f5vq6M3rksR-weWPHw&google_cver=1&google_push=AXcoOmTzUELnOSALcK0hblExY2tDC4xLXK_1I_wEyCxyy7FOliSQJhZin37jWhnRWg7t47LaEi6uBLVfUg0...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzUELnOSALcK0hblExY2tDC4xLXK_1I_wEyCxyy7FOliSQJhZin37jWhnRWg7t47LaEi6uBLVfUg02khz29iQIXi1eWrnbNK72&google_hm=uxtXlj9qTLmAbDgm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzUELnOSALcK0hblExY2tDC4xLXK_1I_wEyCxyy7FOliSQJhZin37jWhnRWg7t47LaEi6uBLVfUg02khz29iQIXi1eWrnbNK72&google_hm=uxtXlj9qTLmAbDgmYCjWifM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTzUELnOSALcK0hblExY2tDC4xLXK_1I_wEyCxyy7FOliSQJhZin37jWhnRWg7t47LaEi6uBLVfUg02khz29iQIXi1eWrnbNK72&google_hm=uxtXlj9qTLmAbDgmYCjWifM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame AF7B 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRhr1Smaea39F13bJTlUfQEu-XIlAVfFqp7UonsC1MVTWXmJbRF2Pr4y9LndUNSbNukpg0JLH_CaRtca7tFz2O4sGRHgw0LcRU&google_gid=CAESEGTNwsHCl6VN7OhMX9Tl0Gc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
257772
expires
Mon, 18 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AF7B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-iD6XGdQNhGi8eXa8cuik&google_cver=1&google_push=AXcoOmQXNIuxH0_7gHvydS-OfFpakoBp09xAJi-Y6InLJR3Pcli3SP1ihAltN77utzQXuhUTfgdKxcQY...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmQXNIuxH0_7gHvydS-OfFpakoBp09xAJi-Y6InLJR3Pcli3SP1ihAltN77utzQXuhUTfgdKxc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmQXNIuxH0_7gHvydS-OfFpakoBp09xAJi-Y6InLJR3Pcli3SP1ihAltN77utzQXuhUTfgdKxcQY1eoGCBInUst5459ieHpwPbPg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE3NTMzNjMxMjczOTY5Njc2Ng&google_push=AXcoOmQXNIuxH0_7gHvydS-OfFpakoBp09xAJi-Y6InLJR3Pcli3SP1ihAltN77utzQXuhUTfgdKxcQY1eoGCBInUst5459ieHpwPbPg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AF7B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPsoBPuir4CpQsrSOdS6Zu4&google_cver=1&google_push=AXcoOmS5A02g_1UjLk2_lmCYiAcg8Tef-HkpKkg7xS24Q6bWVNu3a_txaUqTnzVhcx2FMPVtWZcUljBWYB4S...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS5A02g_1UjLk2_lmCYiAcg8Tef-HkpKkg7xS24Q6bWVNu3a_txaUqTnzVhcx2FMPVtWZcUljBWYB4SOtjgI8ONhI0QNt3DX35W
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS5A02g_1UjLk2_lmCYiAcg8Tef-HkpKkg7xS24Q6bWVNu3a_txaUqTnzVhcx2FMPVtWZcUljBWYB4SOtjgI8ONhI0QNt3DX35W
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS5A02g_1UjLk2_lmCYiAcg8Tef-HkpKkg7xS24Q6bWVNu3a_txaUqTnzVhcx2FMPVtWZcUljBWYB4SOtjgI8ONhI0QNt3DX35W
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame AF7B
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENfl3Zxf-mLw...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTbMJZtBNisuXdj6HA2h6vV1MLYhKOLqyap8AbCTYSVQXwU0diQ_AXnIkVI1BrYliPqaF_kU03pe4ODdvCORvRKNBFLQIp7r0l1bg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Mon, 18 Sep 2023 18:07:36 GMT
pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AF7B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LK-H50d60VW97VlM7fboMLML191f8Fm7AQWuYVK0qodVso7D42gpnNX7zYJ6jvAfh4k7JbWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 2E6C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6065f8b5be54690b2212b3d4c11e2861ca0a7de10f67c996c6003eeef5c5aed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 2E6C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ChvVk55EIZYP9B92ciM0Ph6uAwAyA0LOkcri6t7DEEb2N-sGXHBABIJGHnTlglQKgAbrb45gDyAEJqAMByAPLBKoEiwJP0Jc0mjaybI3ePW9WFKe07RwOAV00iVVBy4fn3REeXwzeI_-lRFu...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226555659363665886585%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226555659363665886585%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22857271738%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229797362496735592721%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"6555659363665886585","debug_reporting":true,"destination":"https://infragistics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["857271738"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"9797362496735592721"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 18:07:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Sep 2023 18:07:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6555659363665886585","debug_reporting":true,"destination":"https://infragistics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["857271738"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"9797362496735592721"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame B910 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=5700081834&adk=2665262439&adf=254266783&pi=t.ma~as.5700081834&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455072&bpp=1&bdt=2697&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=1136015953&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=xE52b1hanX&p=https%3A//malwaretips.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
289824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:37:12 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226555659363665886585%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22857271738%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229797362496735592721%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 18:07:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame ABB0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 06:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
41430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame ABB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 12:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 12:13:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame ABB0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
80448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
l
www.google.com/ads/measurement/ Frame ABB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBfS5BlZpgslvCSVezimo_sXGVk3GWG9JGUUykB1UaDAfcxCdV2_L82OVecIworQ8BOLS6wectY4Eiq1R1nLFJsdQTMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ABB0 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 18:07:37 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame ABB0 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 17:47:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E27B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Tue, 19 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/1699725738058057855/ Frame ABB0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1699725738058057855/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae67b52c65b35a0314b2b3e120a3cf30bdbe159b9c071b8f885ad687f86dc12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:42:26 GMT
x-content-type-options
nosniff
age
174311
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7274
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 11:46:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 17:42:26 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13188595660345184437/ Frame ABB0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13188595660345184437/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
312bad17db40f21dc7176670c49407249c73d72137cdf340c1b248c7539bcc69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 07:36:34 GMT
x-content-type-options
nosniff
age
210663
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:56:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 07:36:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABB0 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:26:14 GMT
x-content-type-options
nosniff
age
520883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Sep 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ABB0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 22:08:16 GMT
x-content-type-options
nosniff
age
417561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 22:08:16 GMT
truncated
/ Frame ABB0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
965c54ffd3e4cfcaadc652d48cf073c6f610d51b2863d43481cdd72d80f07ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame E27B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMEq-aDXKpqCEHDSlUqI0dk&google_cver=1&google_push=AXcoOmRQaCqY7HRzWJAHHIoxuZ8Dl8P4weOj4t5hi6e-B2YAwJG3LHvd8gX806fv6vchyhbk2qBfMo8jFaah8j...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDIyOTIyNzU3MDg1NDA0NA%3D%3D&google_push=AXcoOmRQaCqY7HRzWJAHHIoxuZ8Dl8P4weOj4t5hi6e-B2YAwJG3LHvd8gX806fv6vchyhbk2qBfMo8jFaah8jw-cl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDIyOTIyNzU3MDg1NDA0NA%3D%3D&google_push=AXcoOmRQaCqY7HRzWJAHHIoxuZ8Dl8P4weOj4t5hi6e-B2YAwJG3LHvd8gX806fv6vchyhbk2qBfMo8jFaah8jw-clgAogA4kBtaHleN
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDIyOTIyNzU3MDg1NDA0NA%3D%3D&google_push=AXcoOmRQaCqY7HRzWJAHHIoxuZ8Dl8P4weOj4t5hi6e-B2YAwJG3LHvd8gX806fv6vchyhbk2qBfMo8jFaah8jw-clgAogA4kBtaHleN
Date
Mon, 18 Sep 2023 18:07:37 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame E27B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGKjUTT4rKWCigGbFd_tpJM&google_cver=1&google_push=AXcoOmTDo_Eo3FDMO9eBgJXXXlMHw_csYTAiL6eAltxVDwxjt9En46YNrmgbh6QQ1Z9WAcIeL7PxDdEjHGco5-Euq2cM6un9vR-UB7JI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.69.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame E27B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxL2lzr89FkhXNf8HL_uaQxjychSPij889jyU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E6C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOMwerT4IrmRhc6qfB2AjyDX4Z72gYmjgWUWBZ-lLgKqAlkblyBVnZHvocj-RUz-J6qfkHSfbtR_Dsh11R5wWDf5g2Jl7F6fNmbccfeCLBCTICWl0xoRKrTrXL-MjjGSIqZm9Ku9kN8GwJ&sai=AMfl-YQUHcg-SvQUglVp_Pb6g_iKbD61sc_hWh3SJ_gMNT2CBqenfpUD4v1zCLjWH8DtHGLxrUA5QrplYasYUJ9ikROmlYrlEugiZm7k6sBWSYsvlVRLGYcBfatPk4Ks&sig=Cg0ArKJSzB3MBCxjXUw5EAE&cid=CAQSPABpAlJW6jZ4Ef5k1FD8lJu-LdLqdEWgTxmwzb_iH2Ym5umYqDqC_Wcgg3owngnuoKmx6P1i-fnnzj_FTBgB&id=lidar2&mcvt=1035&p=0,0,280,1000&mtos=0,0,0,1035,1035&tos=0,0,0,1035,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=0.4&if=1&vu=1&app=0&itpl=22&adk=2665262439&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695060455082&rpt=1215&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 18:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame ABB0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3LGB55EIZZuHDv6XiM0Pr4CY6A2XzN7Mafnqs_OHEN6419SLDhABIJGHnTlglQKgAZed-NkDyAEJqQJax73hMsW0PqgDAcgDywSqBJcCT9BxQSRpygjtba0x7yNdEHSgxbGGMcmGi32tnuV...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215142793276236908835%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215142793276236908835%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22993922711%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222057803167163814353%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:07:37 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"15142793276236908835","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["993922711"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"2057803167163814353"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 18:07:37 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Sep 2023 18:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15142793276236908835","debug_reporting":true,"destination":"https://totaladblock.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["993922711"],"4":["09-18"],"6":["true"]},"priority":"500","source_event_id":"2057803167163814353"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
pagead2.googlesyndication.com/bg/ Frame 11CE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7750719144850257&output=html&h=280&slotname=3077074880&adk=3639841909&adf=884373594&pi=t.ma~as.3077074880&w=1000&fwrn=4&fwrnh=100&lmt=1695053255&rafmt=1&format=1000x280&url=https%3A%2F%2Fmalwaretips.com%2Fblogs%2Fremove-youve-visited-illegal-infected-website-scam%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695060455182&bpp=1&bdt=2807&idt=1&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dedb59adebecc4c98-2252ec397dde00f6%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw&gpic=UID%3D00000c7842e15c7d%3AT%3D1695060453%3ART%3D1695060453%3AS%3DALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw&prev_fmts=0x0%2C300x600%2C1000x280%2C360x280%2C1000x280&nras=3&correlator=2938582872082&frm=20&pv=1&ga_vid=841903048.1695060453&ga_sid=1695060453&ga_hid=641636452&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=2173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31077699%2C31077704%2C31077969%2C44795922%2C31077910&oid=2&psts=AOrYGsnQ1Hary6c7Ba7CGOpyCT2rYkVM0XJjf7aC9Cuwejb3XEr8XUQXMIh5-F4nAVKv-pIUs3iKTb97WokLhrCvFC5r4g%2CAOrYGslL1oVKL9W0IKKKfcu3T4P1wZ-wgE36HfP4xAfOGmbfU_4rew_xpkDP7JeAwnSd9cm5MNo2tsmITmw2A_Odb8Aw%2CAOrYGsmNYRlCak-BNj8WhOl_tQJCQHnrqxRfGJvsuJXGWV3odwPzQogUo6MU6uRt581WaDg0dfxC8Fd5wuNiZdfODeDNig&pvsid=3108470924777406&tmod=985275701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=0FD89g54Yv&p=https%3A//malwaretips.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
289825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14603
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 09:37:12 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215142793276236908835%22,%22debug_reporting%22:true,%22destination%22:%22https://totaladblock.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22993922711%22],%224%22:[%2209-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222057803167163814353%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 18:07:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture function| advanced_ads_ready object| advanced_ads_ready_queue object| advads_options undefined| $ function| jQuery object| advads object| advadsCfpQueue function| advadsCfpAd object| zarazData object| zaraz object| adsbygoogle function| WPO_Intersection_Observer object| WPO_LazyLoad object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| offSide object| countVars object| embedVars object| dclCustomVars object| advadsCfpInfo object| generateOffside object| closeElements object| slideoutLinks function| closeOffsideOnAction object| toggles function| offside string| google_user_agent_client_hint object| generatepressMenu object| generatepressNavSearch object| q2w3_sidebar_options object| advanced_ads_pro_ajax_object object| SUShortcodesL10n function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| SUImageCarousel object| advads_admin_bar_items object| advads_passive_placements object| advads_has_ads object| advadsProCfp function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| dataLayer object| googletag object| advads_passive_ads object| advads_passive_groups object| advads_placement_tests object| advads_ajax_queries object| advads_js_items object| rules object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
.malwaretips.com/ Name: google-analytics_v4_BUXN__engagementStart
Value: 1695060452902
.malwaretips.com/ Name: google-analytics_v4_BUXN__counter
Value: 1
.malwaretips.com/ Name: google-analytics_v4_BUXN__ga4sid
Value: 1444637545
.malwaretips.com/ Name: google-analytics_v4_BUXN__session_counter
Value: 1
.malwaretips.com/ Name: google-analytics_v4_BUXN__ga4
Value: 84de875f-7785-4e2a-b163-8ecb5929872b
.malwaretips.com/ Name: google-analytics_v4_BUXN__let
Value: 1695060452902
.malwaretips.com/ Name: __gads
Value: ID=edb59adebecc4c98-2252ec397dde00f6:T=1695060453:RT=1695060453:S=ALNI_MaPUqInyowQ6Yda-iGCukXyotWWKw
.malwaretips.com/ Name: __gpi
Value: UID=00000c7842e15c7d:T=1695060453:RT=1695060453:S=ALNI_MaPbfuj2ntNiGNOLY9jHgY_S8oVCw
.doubleclick.net/ Name: IDE
Value: AHWqTUn8hNpYkHXhpZEsdlnHfA2yv8XPtPHEEskR1yStQYQd4VbTRYAdU1-A6qVFNXQ
.quantserve.com/ Name: d
Value: EEwBCQH9KYEA
.quantserve.com/ Name: mc
Value: 650891e6-9c0ca-0e391-aff5c
.turn.com/ Name: uid
Value: 8802090091789458107
.simpli.fi/ Name: suid
Value: 86764B6F71CC48D9B46FA92F7C4C04A4
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7175336312739696766
.googleadservices.com/ Name: ar_debug
Value: 1
.ctnsnet.com/ Name: gid_CAESEPR12f5vq6M3rksR-weWPHw
Value: 1
.blismedia.com/ Name: b
Value: 650891E67A09DC45AFB6CFACBLIS
.doubleclick.net/ Name: DSID
Value: NO_DATA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQiR5gAOIn2BMAA4
.ctnsnet.com/ Name: cid
Value: bb1b57963f6a4cb9806c38266028d689
.w55c.net/ Name: wfivefivec
Value: wz0MJrIf1QIiEM5
.w55c.net/ Name: matchgoogle
Value: 5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
malwaretips.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
r.turn.com
secure.gravatar.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.26.9.188
142.250.185.66
142.250.186.130
151.101.130.49
178.250.7.11
2001:678:cb4:bbbb::11
23.32.185.35
2606:4700:20::ac43:45fa
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a02:fa8:8806:20::2010
2a04:fa87:fffe::c000:4902
3.124.69.248
3.126.78.53
3.33.220.150
34.96.105.8
35.186.193.173
35.204.74.118
37.157.5.132
51.89.9.251
85.114.159.118
02e1eacd7418360b6069eff57f52863576c26ac92b3aa797fc8a64adf5f65789
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0ab6a6fe45623e0e9a0057f7be910200a44d1b50f33ea4bca1b8ded71f4df99a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
113ddf5ecc523fa68b77060bcb6e30609289da876c4b168bb5d7638b9d95469a
15de3f0301ba27f88c74b78e431e72eea0a39c21adbea13b56889ca86960357b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7c861ca1c1624391d51b4f7ed3e499abb26666b893599486b4d2bec8a8797b
1bfa37eb9df0fac1740ca416ce5c941e8224c3796d98376b34c0e67b83b78cf7
2a3acb60500d0a360ba65a959af2f94d3068bcf9034493da6d07a5790965cbec
2bb03954e49a16ebc7f0c6c2a93349d0101eb79586849f8978215025be18da95
312bad17db40f21dc7176670c49407249c73d72137cdf340c1b248c7539bcc69
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34bc2a65f45649c34fc7b20819655175f006e32690dc0684f171afcda19ef415
353e5a705699ebcd7024c99b5c5046ad05ffed2bdfc2a9f134de365b0c0aa08a
36699799531c9b49bbdd7429ca0e2df78b3e45e9cc2a87efd743aeae92d6ec58
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
397693f737760b4c64ead031dfca2028a0a5a5b9e4b9d4f1f166a7dc4b8fc1f2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d0fd03fb5c8967ffaba378dba482c544f2e2001be45578dabb9f54b5b2bccc0
44a0fe246d2896663188c4e02e9b1d0609650a65144cbfa8e0d84cd4bcbced79
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4904754b79a6c0457f872a48b1fad942125fc774b68084a3aeeb0480f0a2d497
4be192247e9f48d8cc649cc2408ea763c7ac46882833fa11289f5a8e064d463e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55efda6c9b70570749b694d43a66a89339acda2c111808f6700c4bfa12ba7201
5a111b146f2635fd687c971dde2a9f422d9d6de37938bf3c6be239f4aaadb327
6065f8b5be54690b2212b3d4c11e2861ca0a7de10f67c996c6003eeef5c5aed0
60b883eb738106262c4a96f9b764c5cb3dbb9cfb34a73d2adefc39844ac74170
6125c210ea6c7e7a1f943039dfce9ca6e949a709e6fe6c81ac5338aff9353658
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69e3541915912729bf1c0ac52ac27e83b075f5134f3ed9e1ff1ab256fc374954
798db210e3a0450731b8d31c73579a4b66c3ea9846c454fe4826be2822a74fb2
7a96a2e47105cf8e172977e617dad40c74a8e5041e8fd2b182ff6532243af3a2
7e8ec77f208909bfc3ee616bb90ba20825a943a991c5cd49e678ab2e28f56865
80a7097a4f79042d9249213b4d73c4d9bd08b3dd18554d2f18c2df8de2657a55
83e7af225aff70e562a90a847fed54c3b8e981aff17f95dec5e1f2c50eaa6d36
85586d980f6bb1488ce784665c08cb9c68b7ad85d2ad4041a32517032951aa08
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
89246d090572a3337dfbc53d719f3c47ccafb50b4a9f25a18d8a49e6278403ab
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
965c54ffd3e4cfcaadc652d48cf073c6f610d51b2863d43481cdd72d80f07ed6
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a46cf08b1b7aaa9ec120c1d84002bc60cf29771b6cd107f737d137162bd36568
a49ad6919d87328762787f3eb317eb5ecf70f47ef2038af9db7982b3465c0ef5
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aaca38cdb158e94a0fed343d59d7ac9e4161ba72ed2560d49b8b8690f2306d78
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad2011589699e6f1fbd716af022e7069cca8e54f4bf8637143c2eaf876c02f83
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
ba9a8cf6632dadfa2b6381255728822490bca490644de81cec3f692dae4d669d
bae67b52c65b35a0314b2b3e120a3cf30bdbe159b9c071b8f885ad687f86dc12
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0a4cccddbd11657216af7fe92edb5e8ebcbd7b687ae9e4740a440d53e161f7d
c27b88871611575b10d52624f9f3c7c5fcde8ac801ca21ae6518089ab577d86b
c3c6be5983011be9cf40766104660bdc04169ebd90c993cfe3b30644eaa86dc5
cd60df712fbaa50cc06b9e94c00acf4628a0dfb19ac0029118bccce498dab892
cd93394fd619f798a96b816d476d14b14051345cbf3b7edaaf2a8eb11720a925
ce93fe3026faafbca25f2650aefcd23d6415b1885d4f2b356b010888895b725b
d35311d353588f7ba5efe65288c514ecb946da395a0e8b168008120ae42e47e6
d4e866c56164d7238c3052c7ddf5d60be2097b9e8880ca0018e377b982916cfb
d583e78be1c771e09b8be2381445b51881ecc4a3738e0208bd85fca53ed91c4d
d709b74c57c613ce96b526090ce3770ed5b6119c58d3b8141e75ee1e19672b10
d93dce436bdb384e42f00b232921e4026aab46ba32f9346691003db7ef3ec3ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe75db23715077cb00530d97e25f8d10683d691ecb672100d823a8431d5f820
ed274a47a786c7ec9a3d172f000f9b9faba6b9edf15fbdfe7193bc6fb9d09399
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390