urlscan.io logo urlscan.io
SecurityTrails logo

www.ladieswantmore.com Open in urlscan Pro
89.105.192.86  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b...
Submission: On May 04 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 54 HTTP transactions. The main IP is 89.105.192.86, located in Netherlands and belongs to NOVOSERVE-AS, NL. The main domain is www.ladieswantmore.com.
This is the only time www.ladieswantmore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    89.105.192.86 (Netherlands)

ASN24875 (NOVOSERVE-AS, NL)
www.ladieswantmore.com
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
20    89.105.192.68 (Netherlands)

ASN24875 (NOVOSERVE-AS, NL)
PTR: dev.memplaza.com
adv.adsbwm.com
1    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
20 adv.adsbwm.com www.ladieswantmore.com
adv.adsbwm.com
19 www.ladieswantmore.com www.ladieswantmore.com
4 pagead2.googlesyndication.com adv.adsbwm.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com www.ladieswantmore.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com www.ladieswantmore.com
54 10

This site contains no links.

Subject Issuer Validity Valid
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Frame ID: E8DBB1592419B188CBD649BB41C709F2
Requests: 42 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FDFBCF76C9DABE3CD62141F32C4A0F66
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200428/r20190131/zrt_lookup.html
Frame ID: CDE62F9FCF35A87427C9FBC00C1FB92C
Requests: 1 HTTP requests in this frame

Frame: http://adv.adsbwm.com/www/delivery/xhr.html?real_cb=238740
Frame ID: ABBF7E1C187120592B07D656DD09D7AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010069966035862&output=html&h=90&slotname=8616875501&adk=4231286139&adf=1842636965&w=728&lmt=1588602655&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.ladieswantmore.com%2Fwells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20%2FMalware%2520Hash1be73b71489c2f3&ea=0&flash=0&wgl=1&adsid=NT&dt=1588602655688&bpp=18&bdt=1797&idt=58&shv=r20200428&cbv=r20190131&ptt=5&saldr=sa&correlator=6573723197542&frm=23&ife=1&pv=2&ga_vid=686059323.1588602656&ga_sid=1588602656&ga_hid=1335423922&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=54&biw=1600&bih=1200&isw=728&ish=90&ifk=3381573324&scr_x=0&scr_y=0&eid=21065473%2C21065475%2C21065787&oid=3&pvsid=1803889842537607&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=23&ifi=1&uci=1.sxhnvt6vt5cm&fsb=1&dtd=75
Frame ID: 51B12F5A8D85F186B3B3745B8B4AAC51
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 57ABDE420C793D703AFACCACC9110DA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

54
Requests

17 %
HTTPS

71 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

871 kB
Transfer

1119 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set Malware%20Hash1be73b71489c2f3
www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/ 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
1077af75ecb2f8edb1389b2632195aec3d1462a5bc7f238f918a35606945c852

Request headers

Host
www.ladieswantmore.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.10.0 (Ubuntu)
Date
Mon, 04 May 2020 14:30:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=bo2j9nogmnejd6pf427up0fbt7; path=/
Pragma
no-cache
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<http://www.ladieswantmore.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding
gzip
style.css
www.ladieswantmore.com/wp-content/plugins/OxaRss/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/plugins/OxaRss/css/style.css
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
624c7ca77462e2c60a05143104575e6ab4a770e6165970a15b860975ebd95a8c

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Tue, 25 Apr 2017 14:01:39 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"58ff56c3-539"
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1337
Expires
Tue, 05 May 2020 14:30:52 GMT
style.css
www.ladieswantmore.com/wp-content/themes/sahifa/ 		196 KB
197 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/style.css
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
f94196e0da6dd1d9d5b5d5e2a73c12daee169cf951807aade0dc2f6a6bc5337b

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Fri, 12 Oct 2018 11:46:40 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc089a0-3119d"
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201117
Expires
Tue, 05 May 2020 14:30:52 GMT
skin.css
www.ladieswantmore.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Fri, 12 Oct 2018 11:48:40 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc08a18-1c79"
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7289
Expires
Tue, 05 May 2020 14:30:52 GMT
css
fonts.googleapis.com/ 		870 B
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18fdd32005b166b31d4db049571e612d6f22e9e9d1edea4b8c10fca2de411e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 May 2020 14:30:52 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 04 May 2020 14:30:52 GMT
jquery.js
www.ladieswantmore.com/wp-includes/js/jquery/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Sun, 08 Sep 2019 09:49:51 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5d74cebf-17a6a"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96874
Expires
Tue, 05 May 2020 14:30:52 GMT
jquery-migrate.min.js
www.ladieswantmore.com/wp-includes/js/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Mon, 24 Apr 2017 08:56:19 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"58fdbdb3-2748"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10056
Expires
Tue, 05 May 2020 14:30:52 GMT
cronjob_enabler.js
www.ladieswantmore.com/wp-content/plugins/OxaRss/js/ 		341 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/plugins/OxaRss/js/cronjob_enabler.js
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
a2ad4388e23f6e36e531757d9c881c0e5c439cf28c40d22372c26cc0334dcf2f

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Tue, 25 Apr 2017 14:01:51 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"58ff56cf-155"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
341
Expires
Tue, 05 May 2020 14:30:52 GMT
ladywantmore-190x60.png
www.ladieswantmore.com/wp-content/uploads/2018/10/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/uploads/2018/10/ladywantmore-190x60.png
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
1c72ce71f6d08bd712a098631bc04bfef8cd5b2f9408db4cc58ef4758a0941fe

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Mon, 15 Oct 2018 14:08:08 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc49f48-151b"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5403
Expires
Tue, 05 May 2020 14:30:53 GMT
24f0bbf1c4ff598be2bc1cd195f04a5d_IMAGE5660-310x165.jpg
www.ladieswantmore.com/wp-content/uploads/2020/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/uploads/2020/05/24f0bbf1c4ff598be2bc1cd195f04a5d_IMAGE5660-310x165.jpg
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
4ca29f917db258da162626b429a8ea1cd7bace450dc884b4ec176d4b77eae61a

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Mon, 04 May 2020 05:41:50 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5eafab1e-23e9"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9193
Expires
Tue, 05 May 2020 14:30:53 GMT
punta-cana-all-inclusive-hyatt-aerial-310x165.jpg
www.ladieswantmore.com/wp-content/uploads/2020/05/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/uploads/2020/05/punta-cana-all-inclusive-hyatt-aerial-310x165.jpg
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
62398ec1a033b36c04074d1d0f30acf7ef80ec0ae54b12816697bb2efe038927

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Mon, 04 May 2020 05:41:25 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5eafab05-52e8"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21224
Expires
Tue, 05 May 2020 14:30:53 GMT
ice_cream_uncertainty_graphic_0-310x165.jpg
www.ladieswantmore.com/wp-content/uploads/2020/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/uploads/2020/05/ice_cream_uncertainty_graphic_0-310x165.jpg
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
3a1e33b9343d54ae1b5f2adbd3daa411ae851073ae68169b81ad3d111f30b756

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Mon, 04 May 2020 09:04:14 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5eafda8e-2308"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8968
Expires
Tue, 05 May 2020 14:30:53 GMT
AR-200509909-300x165.jpg
www.ladieswantmore.com/wp-content/uploads/2020/05/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/uploads/2020/05/AR-200509909-300x165.jpg
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
2a4262fa3b96d642be3390cb17bbfe0b5c05acaec6565320beef69d023a3283e

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Mon, 04 May 2020 09:03:47 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5eafda73-192e"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6446
Expires
Tue, 05 May 2020 14:30:53 GMT
tie-scripts.js
www.ladieswantmore.com/wp-content/themes/sahifa/js/ 		77 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
1e1171222335de344164fbe02b80eab1fb49090cc14911ec3528ef717e0c70ae

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Fri, 12 Oct 2018 11:46:49 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc089a9-13356"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78678
Expires
Tue, 05 May 2020 14:30:52 GMT
ilightbox.packed.js
www.ladieswantmore.com/wp-content/themes/sahifa/js/ 		75 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:52 GMT
Last-Modified
Fri, 12 Oct 2018 11:46:47 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc089a7-12cdc"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77020
Expires
Tue, 05 May 2020 14:30:52 GMT
wp-embed.min.js
www.ladieswantmore.com/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-includes/js/wp-embed.min.js
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Mon, 24 Apr 2017 08:56:19 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"58fdbdb3-576"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1398
Expires
Tue, 05 May 2020 14:30:53 GMT
body-bg7.png
www.ladieswantmore.com/wp-content/themes/sahifa/images/patterns/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

Referer
http://www.ladieswantmore.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Fri, 12 Oct 2018 11:48:35 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc08a13-529a"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21146
Expires
Tue, 05 May 2020 14:30:53 GMT
SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Origin
http://www.ladieswantmore.com

Response headers

Date
Mon, 27 Apr 2020 23:16:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Feb 2020 02:52:18 GMT
Server
sffe
Age
573255
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11396
X-XSS-Protection
0
Expires
Tue, 27 Apr 2021 23:16:38 GMT
SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Origin
http://www.ladieswantmore.com

Response headers

Date
Sat, 28 Mar 2020 03:36:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Feb 2020 02:00:07 GMT
Server
sffe
Age
3236081
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
11236
X-XSS-Protection
0
Expires
Sun, 28 Mar 2021 03:36:12 GMT
pti.php
adv.adsbwm.com/www/delivery/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/pti.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
0b943320da8d7b97b73f255ff2945b508cdd0bdf08bbacd481e38d66c75d5aec

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptx.js
adv.adsbwm.com/www/delivery/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptx.js
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/pti.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
nginx /
Resource Hash
9854703d0549664293d196c8d8e3952781af50b8f1e0fa8b4f59c6a2ff947f6c

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public,max-age=600
Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Wed, 20 Apr 2016 15:58:57 GMT
Server
nginx
ETag
"5717a741-a05a"
Content-Type
application/javascript
Cache-Control
public,max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41050
BebasNeue-webfont.woff
www.ladieswantmore.com/wp-content/themes/sahifa/fonts/BebasNeue/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.ladieswantmore.com/wp-content/themes/sahifa/style.css
Origin
http://www.ladieswantmore.com

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Fri, 12 Oct 2018 11:47:00 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc089b4-4e1c"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19996
stripe.png
www.ladieswantmore.com/wp-content/themes/sahifa/images/ 		93 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wp-content/themes/sahifa/js/tie-scripts.js
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Referer
http://www.ladieswantmore.com/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Fri, 12 Oct 2018 11:46:46 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc089a6-5d"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93
Expires
Tue, 05 May 2020 14:30:53 GMT
fontawesome-webfont.woff2
www.ladieswantmore.com/wp-content/themes/sahifa/fonts/fontawesome/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.ladieswantmore.com/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wp-content/themes/sahifa/js/tie-scripts.js
Protocol
HTTP/1.1
Server
89.105.192.86 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.ladieswantmore.com/wp-content/themes/sahifa/style.css
Origin
http://www.ladieswantmore.com

Response headers

Date
Mon, 04 May 2020 14:30:53 GMT
Last-Modified
Fri, 12 Oct 2018 11:47:09 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"5bc089bd-118d8"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71896
jpti.php
adv.adsbwm.com/www/delivery/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/jpti.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&d=&c=1&rt=a&ftp=true&fstp=false&fitp=false&cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
a7f41c5ac5f1b39212cea38ffadb5969521c17d4831672e4e87fa4b6893d3be0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:55 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF8
X-Delivery-Cache
1
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=7712&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:56 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FDFB 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e7aa8c60b68f79011ac112393c9632411fa78a568183ae1b4d223596eb7f122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 04 May 2020 14:30:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5169853907014022229
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
31060
X-XSS-Protection
0
Expires
Mon, 04 May 2020 14:30:55 GMT
integrator.js
adservice.google.de/adsid/ Frame FDFB 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ladieswantmore.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 May 2020 14:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FDFB 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ladieswantmore.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 May 2020 14:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/ Frame FDFB 		217 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a3565d4181b96ecd198208dae19dc737869a010485c509355d370bab84db854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 14:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83744
x-xss-protection
0
server
cafe
etag
17458909180920526513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 May 2020 14:30:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200428/r20190131/ Frame CDE6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200428/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200428/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 28 Apr 2020 23:48:04 GMT
expires
Tue, 12 May 2020 23:48:04 GMT
content-type
text/html; charset=UTF-8
etag
2883597723061595496
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4868
x-xss-protection
0
cache-control
public, max-age=1209600
age
484971
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
xhr.html
adv.adsbwm.com/www/delivery/ Frame ABBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/xhr.html?real_cb=238740
Requested by
Host: www.ladieswantmore.com
URL: http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
nginx /
Resource Hash

Request headers

Host
adv.adsbwm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
OAID=e8996c73583b1b4f127eab6345d790ad
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3

Response headers

Server
nginx
Date
Mon, 04 May 2020 14:30:55 GMT
Content-Type
text/html
Content-Length
203
Last-Modified
Fri, 09 May 2014 11:59:34 GMT
Connection
keep-alive
ETag
"536cc326-cb"
Cache-Control
public,max-age=600
Pragma
public,max-age=600
Accept-Ranges
bytes
ads
googleads.g.doubleclick.net/pagead/ Frame 51B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7010069966035862&output=html&h=90&slotname=8616875501&adk=4231286139&adf=1842636965&w=728&lmt=1588602655&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.ladieswantmore.com%2Fwells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20%2FMalware%2520Hash1be73b71489c2f3&ea=0&flash=0&wgl=1&adsid=NT&dt=1588602655688&bpp=18&bdt=1797&idt=58&shv=r20200428&cbv=r20190131&ptt=5&saldr=sa&correlator=6573723197542&frm=23&ife=1&pv=2&ga_vid=686059323.1588602656&ga_sid=1588602656&ga_hid=1335423922&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=54&biw=1600&bih=1200&isw=728&ish=90&ifk=3381573324&scr_x=0&scr_y=0&eid=21065473%2C21065475%2C21065787&oid=3&pvsid=1803889842537607&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=23&ifi=1&uci=1.sxhnvt6vt5cm&fsb=1&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7010069966035862&output=html&h=90&slotname=8616875501&adk=4231286139&adf=1842636965&w=728&lmt=1588602655&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fwww.ladieswantmore.com%2Fwells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20%2FMalware%2520Hash1be73b71489c2f3&ea=0&flash=0&wgl=1&adsid=NT&dt=1588602655688&bpp=18&bdt=1797&idt=58&shv=r20200428&cbv=r20190131&ptt=5&saldr=sa&correlator=6573723197542&frm=23&ife=1&pv=2&ga_vid=686059323.1588602656&ga_sid=1588602656&ga_hid=1335423922&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=562&ady=54&biw=1600&bih=1200&isw=728&ish=90&ifk=3381573324&scr_x=0&scr_y=0&eid=21065473%2C21065475%2C21065787&oid=3&pvsid=1803889842537607&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=23&ifi=1&uci=1.sxhnvt6vt5cm&fsb=1&dtd=75
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 04 May 2020 14:30:55 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 04-May-2020 14:45:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 04 May 2020 14:30:55 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame FDFB 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d26e058f6f092f10c14e8f42fd2dc8959b22ea43fd98f781eb45e1a84e482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 14:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1588332207717364"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27848
x-xss-protection
0
expires
Mon, 04 May 2020 14:30:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FDFB 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200428&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1586fd6430e9f87847bf0683da8dd39e809749792a8f1c4e6b6f5b8bb49a0ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 May 2020 14:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5530
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FDFB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200428/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 14:30:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Mon, 04 May 2020 14:30:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 57AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Mon, 04 May 2020 13:56:24 GMT
expires
Tue, 04 May 2021 13:56:24 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2072
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame FDFB 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200428&jk=1803889842537607&bg=!DwylDBRYZtKgHR9zTsgCAAAAPVIAAAANmQGcmV7VKY3jNmUu06xz1o93FGCylw1NRUnwELS1-bYFkyZLjc7JfiHbANDHeweb-my1lSE5PNVivqerrg0YxdR3XC0uiRKKyT385IVOZ2awkSpAGchTrRJ25XFwWIzSEMl6DCU1tpZF8VKz891mHMvgFC8dN6hJy1ebnNJFvXyS8OBZWPZ8WHS_bmijIeOrr_-1or_wAGM5gLicr11GR_O8KI80LgrLGM6Pu2NGKiDeeHj1yMPRhWUqTcM-fEYRLGZ7CarnM4gC4mO0mKKQyndo4iaEcmyA2GY85G-1FYYnt-drNtUjE95A58ebls-BUrYNSAKBRYK2vz91e3Hef5Zo5bnjwJMqmyLb0vrG6SiUz8n_10ybLx-Fhf0xMKZaw5AnOtxHfYolndcZIOgLXKW__068D8aD8LeSfwiwv-nKgXsH8g0icwJW0hoG1qQjdcBXXw_Xri3Gh2-Xph29aRwzWSmKNRP-Ccqd0YO0MwJWcZ0b8hpzBgub8mANMAM67sQh-Ovhxm0f_Cpnlq7ziRs4jfWG91RkvoZLN-UDgw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 14:30:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=417975&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:57 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=525675&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:57 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=293471&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:58 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=490955&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:59 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=820244&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:30:59 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=372187&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:00 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
close
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=860849&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:00 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=959774&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:01 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=11887&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:01 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=94378&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:02 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=237983&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:03 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=172264&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:03 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=802376&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:04 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=607186&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:04 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		47 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=476606&t=dc&real_cb=238740
Requested by
Host: adv.adsbwm.com
URL: http://adv.adsbwm.com/www/delivery/ptx.js
Protocol
HTTP/1.1
Server
89.105.192.68 , Netherlands, ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
dev.memplaza.com
Software
AdConneXa Delivery Engine / OxaMedia corp
Resource Hash
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356

Request headers

Referer
http://www.ladieswantmore.com/wells-fargo-reports-5-9-billion-in-quarterly-net-income-diluted-eps-of-1-20/Malware%20Hash1be73b71489c2f3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Date
Mon, 04 May 2020 14:31:05 GMT
Content-Encoding
gzip
Access-Control-Allow-Origin
http://www.ladieswantmore.com
X-Powered-By
OxaMedia corp
Transfer-Encoding
chunked
P3P
policyref="http://www.oxamedia.com/about-us/privacy-policy/", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Connection
keep-alive
X-Performance-Cache
off
Pragma
no-cache
Server
AdConneXa Delivery Engine
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Delivery-Cache
1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Balance-Server
89.105.192.68
Access-Control-Allow-Method
GET
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ptc.php
adv.adsbwm.com/www/delivery/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adv.adsbwm.com
URL
http://adv.adsbwm.com/www/delivery/ptc.php?zid=OWVkYmE2NjM2ZDkxMjhmMWJkMTkwMzI0OWY3NDVhMjBkYTAyMTVlODg5OThkZjkxNzM4YzdiZmJiZjM5N2U4ODQ0OGViMWE0NmU&ref=&cb=4971&t=dc&real_cb=238740

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery string| pRtS function| AdConneXa_tag function| AdConneXa_utils function| AdConneXa_cookie object| adconnexa_tag_238740 object| adconnexa_tags object| tie function| createTicker boolean| isInTag function| typetext object| tie_isMobile function| tie_SmothScroll object| html5 object| Modernizr function| yepnope object| jQuery11240054982768884514366 object| browserPrefixes object| wp object| $fade_object number| height object| $window object| $the_post object| $wrapper object| php_js boolean| isActive function| AdConneXa_inbanner_video function| AdConneXa_url function| AdConneXa_siteunder function| AdConneXa_interstitial function| AdConneXa_banner function| addAttribute function| AdConneXa_IncontentDone function| elementInViewport function| AdConneXa_Incontent function| AdConneXa_iframe_container function| AdConneXa_ajax object| AdConneXa_Event object| activeIncontent string| request_params boolean| _isIe object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

1 Cookies

Domain/Path Name / Value
www.ladieswantmore.com/ Name: PHPSESSID
Value: bo2j9nogmnejd6pf427up0fbt7

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.ladieswantmore.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
adv.adsbwm.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
www.ladieswantmore.com
adv.adsbwm.com
2a00:1450:4001:801::2001
2a00:1450:4001:814::200a
2a00:1450:4001:816::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2002
89.105.192.68
89.105.192.86
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a3565d4181b96ecd198208dae19dc737869a010485c509355d370bab84db854
0b943320da8d7b97b73f255ff2945b508cdd0bdf08bbacd481e38d66c75d5aec
1077af75ecb2f8edb1389b2632195aec3d1462a5bc7f238f918a35606945c852
1586fd6430e9f87847bf0683da8dd39e809749792a8f1c4e6b6f5b8bb49a0ee9
18fdd32005b166b31d4db049571e612d6f22e9e9d1edea4b8c10fca2de411e90
1c72ce71f6d08bd712a098631bc04bfef8cd5b2f9408db4cc58ef4758a0941fe
1e1171222335de344164fbe02b80eab1fb49090cc14911ec3528ef717e0c70ae
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
2a4262fa3b96d642be3390cb17bbfe0b5c05acaec6565320beef69d023a3283e
3a1e33b9343d54ae1b5f2adbd3daa411ae851073ae68169b81ad3d111f30b756
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ca29f917db258da162626b429a8ea1cd7bace450dc884b4ec176d4b77eae61a
62398ec1a033b36c04074d1d0f30acf7ef80ec0ae54b12816697bb2efe038927
624c7ca77462e2c60a05143104575e6ab4a770e6165970a15b860975ebd95a8c
75c7bff4be8cef0fcb1d4a199e7d84d9ed37fe88c92bec7c803ae38034e4d356
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e7aa8c60b68f79011ac112393c9632411fa78a568183ae1b4d223596eb7f122
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
9854703d0549664293d196c8d8e3952781af50b8f1e0fa8b4f59c6a2ff947f6c
a2ad4388e23f6e36e531757d9c881c0e5c439cf28c40d22372c26cc0334dcf2f
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a67d26e058f6f092f10c14e8f42fd2dc8959b22ea43fd98f781eb45e1a84e482
a7f41c5ac5f1b39212cea38ffadb5969521c17d4831672e4e87fa4b6893d3be0
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
f94196e0da6dd1d9d5b5d5e2a73c12daee169cf951807aade0dc2f6a6bc5337b