www.tomsguide.com Open in urlscan Pro
199.232.198.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-r...
Submission: On July 11 via manual (July 11th 2023, 2:48:42 am UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 101 HTTP transactions. The main IP is 199.232.198.114, located in United States and belongs to FASTLY, US. The main domain is www.tomsguide.com. The Cisco Umbrella rank of the primary domain is 45823.
TLS certificate: Issued by R3 on July 7th 2023. Valid for: 3 months.

This is the only time www.tomsguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	199.232.198.114 199.232.198.114	54113 (FASTLY) (FASTLY)
27	67.27.159.250 67.27.159.250	3356 (LEVEL3) (LEVEL3)
5	8.238.30.122 8.238.30.122	3356 (LEVEL3) (LEVEL3)
14	99.86.4.122 99.86.4.122	16509 (AMAZON-02) (AMAZON-02)
4	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
17	151.101.130.114 151.101.130.114	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:9256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
6	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
3	99.86.4.88 99.86.4.88	16509 (AMAZON-02) (AMAZON-02)
1	140.82.17.16 140.82.17.16	20473 (AS-CHOOPA) (AS-CHOOPA)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	52.208.139.32 52.208.139.32	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:4200:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:9a00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:5000:d:5ce3:a4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
101	25

2 199.232.198.114 (United States)

ASN54113 (FASTLY, US)

www.tomsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 67.27.159.250 (United States)

ASN3356 (LEVEL3, US)

vanilla.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.238.30.122 (United States)

ASN3356 (LEVEL3, US)

cdn.mos.cms.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mos.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

slice.vanilla.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.130.114 (United States)

ASN54113 (FASTLY, US)

hawk.tomsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9256 (United States)

ASN13335 (CLOUDFLARENET, US)

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

freyr.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
champagne.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.servebom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-88.fra6.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.82.17.16 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 140.82.17.16.vultrusercontent.com

forums.tomsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.139.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-139-32.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:4200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5000:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	futurecdn.net vanilla.futurecdn.net — Cisco Umbrella Rank: 18615 cdn.mos.cms.futurecdn.net — Cisco Umbrella Rank: 15600 slice.vanilla.futurecdn.net — Cisco Umbrella Rank: 20700 freyr.futurecdn.net — Cisco Umbrella Rank: 18013 bordeaux.futurecdn.net — Cisco Umbrella Rank: 18019 champagne.futurecdn.net — Cisco Umbrella Rank: 20229 mos.fie.futurecdn.net — Cisco Umbrella Rank: 26121	644 KB
20	tomsguide.com www.tomsguide.com — Cisco Umbrella Rank: 45823 hawk.tomsguide.com — Cisco Umbrella Rank: 65389 forums.tomsguide.com — Cisco Umbrella Rank: 146782	522 KB
14	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 3931	151 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
4	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 4131 rm-script.dotmetrics.net — Cisco Umbrella Rank: 5088	7 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3605	71 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	414 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3062 p1.parsely.com — Cisco Umbrella Rank: 2242	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
1	jwplatform.com content.jwplatform.com — Cisco Umbrella Rank: 4080	44 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2849	8 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 52173	369 B
1	skimresources.com r.skimresources.com — Cisco Umbrella Rank: 3510	370 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 2261	440 B
1	futurehybrid.tech sommelier.futurehybrid.tech — Cisco Umbrella Rank: 19353	3 KB
1	servebom.com ads.servebom.com — Cisco Umbrella Rank: 18824	357 B
1	permutive.app 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 19513	272 KB
101	18

	Domain	Requested by
27	vanilla.futurecdn.net	www.tomsguide.com vanilla.futurecdn.net
17	hawk.tomsguide.com	www.tomsguide.com hawk.tomsguide.com
14	cdn.privacy-mgmt.com	www.tomsguide.com cdn.privacy-mgmt.com
6	www.google-analytics.com	www.tomsguide.com www.google-analytics.com
4	slice.vanilla.futurecdn.net	www.tomsguide.com
4	cdn.mos.cms.futurecdn.net	www.tomsguide.com
3	sb.scorecardresearch.com	1 redirects
3	uk-script.dotmetrics.net	www.tomsguide.com uk-script.dotmetrics.net
2	cdn.onesignal.com	www.tomsguide.com cdn.onesignal.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.tomsguide.com	www.tomsguide.com
1	fonts.googleapis.com	client
1	rm-script.dotmetrics.net	www.tomsguide.com
1	content.jwplatform.com	vanilla.futurecdn.net
1	cdn.jwplayer.com	vanilla.futurecdn.net
1	ampcid.google.de	www.google-analytics.com
1	r.skimresources.com	hawk.tomsguide.com
1	ampcid.google.com	www.google-analytics.com
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	ads.servebom.com	bordeaux.futurecdn.net
1	p1.parsely.com	www.tomsguide.com
1	forums.tomsguide.com	www.tomsguide.com
1	mos.fie.futurecdn.net	www.tomsguide.com
1	champagne.futurecdn.net	www.tomsguide.com
1	bordeaux.futurecdn.net	www.tomsguide.com
1	cdn.parsely.com	www.tomsguide.com
1	freyr.futurecdn.net	www.tomsguide.com
1	6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	www.tomsguide.com
101	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.pinterest.com
flipboard.com
www.awin1.com
forums.tomsguide.com
www.reddit.com
pinterest.com
share.flipboard.com
blog.pradeo.com
www.bleepingcomputer.com
store.google.com
target.georiot.com
www.futureplc.com
go.future-advertising.com

Subject Issuer	Validity	Valid
www.tomsguide.com R3	`2023-07-07` - `2023-10-05`	3 months	crt.sh
*.futurecdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-08` - `2024-07-08`	a year	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M02	`2022-11-07` - `2023-12-06`	a year	crt.sh
slice.vanilla.futurecdn.net R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh
hawk.techradar.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
freyr.futurecdn.net R3	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
bordeaux.futurecdn.net R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
champagne.futurecdn.net R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.dotmetrics.net Amazon RSA 2048 M01	`2023-03-01` - `2023-10-21`	8 months	crt.sh
forums.tomsguide.com R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
ads.servebom.com R3	`2023-07-06` - `2023-10-04`	3 months	crt.sh
sommelier.futurehybrid.tech R3	`2023-06-02` - `2023-08-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Frame ID: 6AEC51ABF8E8CB53AF0218E8A85B884E
Requests: 93 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
Frame ID: 71B7DE01D4D64EF5343220F92A750E4F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Android spyware with over 1.5 million downloads sends your data to China — delete these apps right now | Tom's GuideTom's GuideTom's Guide

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

101
Requests

98 %
HTTPS

42 %
IPv6

18
Domains

28
Subdomains

25
IPs

4
Countries

1775 kB
Transfer

7018 kB
Size

19
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Tomsguide/

Search URL Search Domain Scan URL

URL: https://twitter.com/tomsguide

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tomsguide/?hl=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCik8xvfR6s8GQ74QNEGNzwg

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/tomsguidepurch/

Search URL Search Domain Scan URL

URL: https://flipboard.com/@TomsGuide

Search URL Search Domain Scan URL

URL: https://www.awin1.com/awclick.php?awinmid=2961&awinaffid=103504&clickref=tomsguide-de-custom-tracking&p=https%3A%2F%2Fwww.magazinesdirect.com%2Fcategories%2Ftech%2F
Title: Technology Magazines

Search URL Search Domain Scan URL

URL: https://forums.tomsguide.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now&url=https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&title=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&media=https://cdn.mos.cms.futurecdn.net/rPxt4rc6N6P7dx7rZkcMwK-1200-80.jpg

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?title=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Search URL Search Domain Scan URL

URL: https://blog.pradeo.com/spyware-tied-china-found-google-play-store
Title: Pradeo

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/apps-with-15m-installs-on-google-play-send-your-data-to-china/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://www.awin1.com/pclick.php?clickref=tomsguide-de-custom-tracking&p=35925466810&a=103504&m=11355

Search URL Search Domain Scan URL

URL: https://store.google.com/de/config/pixel_7a

Search URL Search Domain Scan URL

URL: https://target.georiot.com/Proxy.ashx?tsid=45724&GR_URL=https%3A%2F%2Fwww.amazon.de%2Fdp%2FB0BZYNGVDK%2Fref%3Dasc_df_B0BZYNGVDK1688648460000%2F%3Ftag%3Dtechracom00-21%26creative%3D22662%26creativeASIN%3DB0BZYNGVDK%26linkCode%3Ddf0%26ascsubtag%3Dtomsguide-de-custom-tracking-21

Search URL Search Domain Scan URL

URL: https://target.georiot.com/Proxy.ashx?tsid=45724&GR_URL=https%3A%2F%2Famazon.de%2Ftryprimefree%3Ftag%3Dtechracom00-21%26ascsubtag%3Dhawk-custom-tracking-21

Search URL Search Domain Scan URL

URL: http://www.futureplc.com/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.futureplc.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://forums.tomsguide.com/threads/android-spyware-with-over-1-5-million-downloads-sends-your-data-to-china-%E2%80%94-delete-these-apps-right-now.518857/
Title: Comment from the forums

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/
Title: Visit our corporate site

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/
Title: Terms and conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/contact/
Title: Contact Future's experts

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy/
Title: Cookies policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement/
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://go.future-advertising.com/Toms-Guide-Media-Kit.html
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/careers/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now Show response
www.tomsguide.com/news/ 441 KB
73 KB 157ms
44ms Document
text/html 199.232.198.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.198.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0bbfeccebc672bb797c6e8e4c071baf2828129aeebcf48d68bb14057b7ab0fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27901
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60,public
content-encoding: br
content-length: 73430
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Tue, 11 Jul 2023 02:48:36 GMT
expires: Wed, 12 Jul 2023 19:03:35 GMT
last-modified: Mon, 10 Jul 2023 19:03:35 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-age: 1
x-article-id: RWLQB2f9eZuu9T54UWqAMA
x-cache: HIT
x-cache-hits: 36, 23
x-country-code: US
x-country-code-real: DE
x-frame-options: SAMEORIGIN
x-ftr-backend: varnish-leopard
x-ftr-backend-server: vanilla-leopard-http-cache-prod-03
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-cache-status: HIT
x-ftr-request-id: 042bb6f9-8d73-4dd9-a272-e01db826fc07 00000000000000000000FFFF9D344535:754C_00000000000000000000FFFFB9711938:01BB_64AC5608_4CEF65C:C91DE
x-modified-date: 1689015744
x-served-by: cache-lon4253-LON, cache-cph2320028-CPH
x-timer: S1689043717.735241,VS0,VE0
xkey: tomsguide-platform-responsive tomsguide-article-RWLQB2f9eZuu9T54UWqAMA tomsguide-articletype-news tomsguide-articletemplate-standard tomsguide-article-age-recent tomsguide-region-US tomsguide-language-en tomsguide-modifieddate-1689015744 tomsguide-author-YzgwrKLc9VjCzx2zzTadsX tomsguide-tag-kPwpbCghZfzt8CWrLGsuM tomsguide-version-721472 tomsguide-server-phpfpm-689bddd89f-f2bs7

GET
H2 200 OpenSans-400-Regular.woff2
vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/ 16 KB
17 KB 405ms
22ms Font
font/woff2 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/OpenSans-400-Regular.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37647
x-ftr-backend: van-prod
content-length: 16743
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFFC0DD7815:E24C_00000000000000000000FFFFB971193B:0050_64AC2FF5_D680C7:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:21:10 GMT

GET
H2 200 OpenSans-600-SemiBold.woff2
vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/ 16 KB
17 KB 426ms
44ms Font
font/woff2 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/OpenSans-600-SemiBold.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37647
x-ftr-backend: van-prod
content-length: 16819
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-01
x-ftr-request-id: 00000000000000000000FFFF041AF30F:E711_00000000000000000000FFFFB971193C:0050_64AC2FF5_D77EE9:4655D
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:21:10 GMT

GET
H2 200 rPxt4rc6N6P7dx7rZkcMwK-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 21 KB
21 KB 196ms
25ms Image
image/webp 8.238.30.122
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/rPxt4rc6N6P7dx7rZkcMwK-970-80.jpg.webp
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.238.30.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 942c7e43f93c0f8f7c1fc4a7123a4e7b827943e803a38f23d4bcb1c3187bdef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
x-backend: default
x-svc-env: prod
age: 210714
xkey: /proof/rPxt4rc6N6P7dx7rZkcMwK.jpg
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: mos_kodiak
x-ftr-cache-status: MISS
content-length: 21038
x-svc-build-time: Fri Jun 30 11:55:09 UTC 2023
x-ftr-balancer: bulkproxyprodred
x-served-by: kodiak-varnish-75df8db46-vjfjl
x-ftr-request-id: 00000000:EB68_00000000:0050_64A98BEB_4968C1:67E6
x-svc-go-version: 1.19
server: Footprint Distributor V6.1.1162
etag: f2f3bad20c87a8f98e9c18984d941054
x-svc-name: kodiak-mos-adapter-svc
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-ftr-backend-server: kube
cache-control: max-age=5184000
access-control-allow-credentials: true
access-control-max-age: 1728000
x-svc-version: latest
accept-ranges: bytes
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 06 Sep 2023 16:33:34 GMT

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/unified/ 123 KB
36 KB 87ms
25ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc08e3ae4d5ca5ceacf0011a84234111b2d5f7bdf186d030ffa3d817aa6cdf42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:38:31 GMT
content-encoding: br
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 14:26:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 607
x-amz-server-side-encryption: AES256
etag: W/"e36c82b92b946b2bfb7ac57e109ff6fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ZpSLOsqJpfqJlqwBzFZrDar0cW91O_Vgz10yvHh0yZ7Tq0cE6oAe_g==

GET
H2 200 externals.js Show response
slice.vanilla.futurecdn.net/12-5-1/js/ 137 KB
39 KB 126ms
36ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://slice.vanilla.futurecdn.net/12-5-1/js/externals.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f65329a3db68a68c542fe17485430268a4f86882c6e579344e42a862d43ef2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31536000
age: 49493
x-cache: HIT
x-ftr-backend: van-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39373
x-served-by: cache-cph2320048-CPH
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id: 00000000000000000000FFFF8CF84536:BFF8_00000000000000000000FFFFB9711938:01BB_64AC01AB_3EC483D:C91DE
last-modified: Mon, 10 Jul 2023 11:50:34 GMT
x-timer: S1689043717.085271,VS0,VE0
etag: W/"22508-1893fa39d99"
vary: accept-encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 376

GET
H2 200 review.js Show response
hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/ 42 KB
9 KB 132ms
39ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/review.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32d3f2d2eafcec241c566edad04801fe72cf6c4829bbf413fc9012918b770b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 993344
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Fri, 28 Jun 2024 14:52:52 GMT
x-ftr-balancer: hawkproxyprodred
x-served-by: cache-lon420133-LON, cache-cph2320040-CPH
x-ftr-request-id: 00000000:C8B2_00000000:01BB_649D9C5D_EB964:7BA3
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.919221,VS0,VE1
etag: W/"649d9897-a610"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length: 8892
accept-ranges: bytes
x-cache-hits: 19, 1

GET
H2 200 promotion.js Show response
hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/ 4 KB
2 KB 131ms
38ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/promotion.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f30512918099b651f305fa9c9c508b9e10ba105f0e89d8ad6af79c19bea1a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 993056
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Fri, 28 Jun 2024 14:57:40 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon4245-LON, cache-cph2320040-CPH
x-ftr-request-id: 00000000:08B0_00000000:01BB_649D9C2A_2E426:444A
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.919176,VS0,VE1
etag: W/"649d9897-10ac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length: 1217
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 review.min.css
hawk.tomsguide.com/css/browser/16.45.11-376f65117c7a063a45926a16f88abe741e709523/ 29 KB
4 KB 140ms
49ms Stylesheet
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/16.45.11-376f65117c7a063a45926a16f88abe741e709523/review.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d5939975488940d778f3624c1c8f2928f92da1732a66c0473ac7422eaac296d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 993344
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Fri, 28 Jun 2024 14:52:52 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon420100-LON, cache-cph2320025-CPH
x-ftr-request-id: 00000000:A4AE_00000000:01BB_649D9C5B_B3782:444B
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.919960,VS0,VE5
etag: W/"649d9897-74e5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length: 3415
accept-ranges: bytes
x-cache-hits: 21, 1

GET
H2 200 promotion.min.css
hawk.tomsguide.com/css/browser/16.45.11-376f65117c7a063a45926a16f88abe741e709523/ 3 KB
843 B 155ms
63ms Stylesheet
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/16.45.11-376f65117c7a063a45926a16f88abe741e709523/promotion.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fed4700f4f76da1d8459e06c3a314aa668153786615670cbf031e836f9f415d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 993058
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, MISS
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Fri, 28 Jun 2024 14:57:38 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon420094-LON, cache-cph2320025-CPH
x-ftr-request-id: 00000000:7166_00000000:01BB_649D9C28_B2E62:444B
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.919960,VS0,VE25
etag: W/"649d9897-bf5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
content-length: 601
accept-ranges: bytes
x-cache-hits: 224, 0

GET
H2 200 tg.min.css
hawk.tomsguide.com/css/browser/ 6 KB
3 KB 131ms
40ms Stylesheet
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/tg.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

040c88d30b344fd51ca569f2e4d59beaf962d110ff4696e2ed9e09bd9ca73c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 25444
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Thu, 29 Jun 2023 15:28:17 GMT
x-ftr-balancer: hawkproxyprodblue
x-served-by: cache-lon4254-LON, cache-cph2320025-CPH
x-ftr-request-id: 00000000:5BFE_00000000:01BB_649D9E60_401DE:40CF
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.920191,VS0,VE1
etag: W/"649d9897-1740"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
x-resp-is-stale: true
content-length: 1987
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 responsive.js Show response
hawk.tomsguide.com/js/w/es6/ 637 KB
165 KB 240ms
149ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/responsive.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4040290703d94ad9092a22be3c859871891c1bda52c71c2d9d85d1b38da8b8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 632
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, MISS
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Sat, 08 Jul 2023 22:16:12 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon420102-LON, cache-cph2320040-CPH
x-ftr-request-id: 00000000:B0BE_00000000:01BB_64A9DB7D_D7F145:2968
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.919199,VS0,VE109
etag: W/"649d9897-9f52b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
content-length: 168650
accept-ranges: bytes
x-cache-hits: 18, 0

GET
H2 200 responsive.min.css
hawk.tomsguide.com/css/browser/ 208 KB
19 KB 132ms
40ms Stylesheet
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/responsive.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0606ec5f5b4e4feacdd1fbd70ad116b412145c03130fcb15c3b4f849921f47f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 25810
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Thu, 29 Jun 2023 15:28:14 GMT
x-ftr-balancer: hawkproxyprodblue
x-served-by: cache-lon4240-LON, cache-cph2320025-CPH
x-ftr-request-id: 00000000:3D56_00000000:01BB_649D9E62_83D97:40D2
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.920176,VS0,VE2
etag: W/"649d9897-34016"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
x-resp-is-stale: true
content-length: 19516
accept-ranges: bytes
x-cache-hits: 53, 1

GET
H2 200 tomsguide.min.css
vanilla.futurecdn.net/tomsguide/721472/media/css/ 352 KB
48 KB 359ms
22ms Stylesheet
text/css 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/css/tomsguide.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

ab048b1dfad5fa4a3f3ed03f22852f6e23506da28c641164e50ba21c5d3c1c6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37659
x-ftr-backend: van-prod
content-length: 48316
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-01
x-ftr-request-id: 00000000000000000000FFFF08FE4793:60D7_00000000000000000000FFFFB971193C:0050_64AC2FEA_D77ADD:4655D
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:22:02 GMT

GET
H2 200 missing-image.svg
vanilla.futurecdn.net/tomsguide/media/img/ 15 KB
4 KB 197ms
27ms Image
image/svg+xml 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanilla.futurecdn.net/tomsguide/media/img/missing-image.svg

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

5a292d2f224a634f7f47110eaeebd9b006c25a24bdde2099bd6475ce7f565579

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2544982
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 3936
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:BC99_00000000:0050_6485EDAB_4037B:434B
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Tue, 11 Jul 2023 15:52:17 GMT

GET
H2 200 6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js Show response
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 929 KB
272 KB 127ms
52ms Script
application/javascript 2606:4700:4400::ac40:9256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faaea6c49a36911019be9023e8ebc54cf3b95149dcb5f17fa71a02ab6fb03558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 6093eccf-6734-4877-ac8b-83d6d0e27b46
age: 0
x-guploader-uploadid: ADPycdsOqgGQx18lgdgr4hudAss9T__84yi18BlAp8WS_oU6UR9bZOsPqbHMZRydmeYeENfEaGERa2GPHd22GeT5ADrdPvwMxq5x
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 03 Jul 2023 09:25:58 GMT
server: cloudflare
etag: W/"b928446517bc81b77467c2df97e5fb1c"
vary: Accept-Encoding
x-goog-generation: 1688376358554904
content-type: application/javascript
x-goog-hash: crc32c=EStNfA==, md5=uShEZRe8gbd0Z8Lfl+X7HA==
cache-control: public, max-age=900
x-goog-stored-content-length: 299974
timing-allow-origin: *
cf-ray: 7e4dba7faa5f912e-FRA
expires: Tue, 11 Jul 2023 03:03:37 GMT

GET
H2 200 freyr.js Show response
freyr.futurecdn.net/ 71 KB
18 KB 99ms
24ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://freyr.futurecdn.net/freyr.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Resource Hash

6fb5831c785d0168112c1fbd798f5e3c1d517e9154037a806f3e78716a073654

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 30 Jun 2023 12:34:58 GMT
etag: W/"649ecbf2-11c2c"
freyr-version: 6.2.1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hw: 1689043717.cds280.fr8.hn,1689043717.cds202.fr8.c
cache-control: max-age=1456
accept-ranges: bytes
content-length: 17888

GET
H2 200 US.svg
vanilla.futurecdn.net/tomsguide/media/shared/img/flags/nosize/ 3 KB
1 KB 197ms
28ms Image
image/svg+xml 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/img/flags/nosize/US.svg

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 400840
x-ftr-backend: van-prod
content-length: 424
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFFC0DD7813:BE79_00000000000000000000FFFFB971193B:0050_64A6A53D_50E96E:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Sat, 05 Aug 2023 11:27:57 GMT

GET
H2 200 missing-image.svg
www.tomsguide.com/media/img/ 15 KB
4 KB 48ms
44ms Image
image/svg+xml 199.232.198.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tomsguide.com/media/img/missing-image.svg

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.198.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a292d2f224a634f7f47110eaeebd9b006c25a24bdde2099bd6475ce7f565579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 27 Jul 2023 01:58:53 GMT
date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000
age: 1212583
x-cache: HIT
x-ftr-backend: varnish-leopard
x-age: 0
x-ftr-cache-status: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4086
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-served-by: cache-lon420084-LON, cache-cph2320028-CPH
x-ftr-request-id: 00000000000000000000FFFF9D344554:CE2A_00000000000000000000FFFFB9711938:01BB_649A425D_6D01A2C:3F22C1
last-modified: Mon, 26 Jun 2023 15:41:06 GMT
x-country-code-real: DE
x-timer: S1689043717.006858,VS0,VE0
etag: "6499b192-3b89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-ftr-backend-server: vanilla-leopard-http-cache-prod-02
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-country-code: US
x-cache-hits: 11, 427

GET
H2 200 hawklinks.js Show response
hawk.tomsguide.com/hl/es6/ 202 KB
52 KB 128ms
42ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/hl/es6/hawklinks.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ce64814d2dd078a6529b062293f401a7870db0bc96bb1c732c018c8178fea2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:36 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 24876
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Mon, 10 Jul 2023 10:33:35 GMT
x-ftr-balancer: hawkproxyprodblue
x-served-by: cache-lon4222-LON, cache-cph2320040-CPH
x-ftr-request-id: 00000000:6ED8_00000000:01BB_64ABD9D1_13F0B48:6575
last-modified: Mon, 10 Jul 2023 09:39:11 GMT
x-timer: S1689043717.919190,VS0,VE1
etag: W/"64abd1bf-32601"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
x-resp-is-stale: true
content-length: 52166
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 p.js Show response
cdn.parsely.com/keys/tomsguide.com/ 62 KB
23 KB 80ms
23ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/tomsguide.com/p.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 84e7dffb1f30b83c7f5bba270eab962804321446be09c916afe962b9667f68f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Jul 2023 13:30:33 GMT
content-encoding: gzip
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
last-modified: Fri, 30 Jun 2023 14:10:12 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 47884
etag: W/"649ee244-f6f9"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: YaMGYCl987NJTnTD17R1L_I3dWg6iWpVuc_xVhQIJsPdl9OqqKqMMw==
expires: Tue, 11 Jul 2023 13:30:33 GMT

GET
H2 200 tg.min.css
hawk.tomsguide.com/css/browser/ 6 KB
2 KB 40ms
37ms Other
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/tg.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

040c88d30b344fd51ca569f2e4d59beaf962d110ff4696e2ed9e09bd9ca73c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 25444
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Thu, 29 Jun 2023 15:28:17 GMT
x-ftr-balancer: hawkproxyprodblue
x-served-by: cache-lon4254-LON, cache-cph2320025-CPH
x-ftr-request-id: 00000000:5BFE_00000000:01BB_649D9E60_401DE:40CF
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043717.001736,VS0,VE0
etag: W/"649d9897-1740"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
x-resp-is-stale: true
content-length: 1987
accept-ranges: bytes
x-cache-hits: 8, 3

GET
H2 200 tomsguide.woff
vanilla.futurecdn.net/tomsguide/721472/media/fonts/ 7 KB
8 KB 207ms
23ms Font
font/woff 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/fonts/tomsguide.woff

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

db19a20a4f38fc3a68afe595388f29b42587ce4e74bd4cb1d3a9f65972c28ea6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37647
x-ftr-backend: van-prod
content-length: 7042
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFF041AF31B:50C5_00000000000000000000FFFFB971193B:0050_64AC2FF6_D680CB:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:22:02 GMT

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 333 KB
97 KB 94ms
26ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Resource Hash

75f5930d88241952e87417c57e6b8507e2d2192c609e5c87d3c9aac1178c44ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
bordeaux-version: latest
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 05 Jul 2023 15:24:13 GMT
etag: W/"64a58b1d-535cf"
x-hw: 1689043717.cds237.fr8.hn,1689043717.cds332.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 99049

GET
H2 200 champagne.js Show response
champagne.futurecdn.net/ 45 KB
15 KB 90ms
27ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://champagne.futurecdn.net/champagne.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Resource Hash

96843e111f22b76006ae527ce1e7e40770c715a0c00cb8ab99c1824dd1f2e129

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 27 Jun 2023 09:45:27 GMT
champagne-version: latest
etag: W/"649aafb7-b23f"
x-hw: 1689043717.cds257.fr8.hn,1689043717.cds131.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=213
accept-ranges: bytes
content-length: 15210

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 115ms
26ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 01:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6240
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jul 2023 03:04:37 GMT

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 10 KB
4 KB 138ms
53ms Script
application/javascript 99.86.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?d=www.tomsguide.com&t=tg
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-88.fra6.r.cloudfront.net
Software: Kestrel /
Resource Hash: 792e0406b3c8061ef7d9f3b83b69a71c44f9f8381895d60af165a919c1da55cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA6-C1
etag: ".www.tomsguide.com.tg.226.2023071102"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: private
x-amz-cf-id: PMIpPSyFJsH4iVXYedr-S36VyYvUNKk3JvW7MhxctZ-ZjQJ3GBXz4A==

GET
H2 200 OpenSans-300-Light.woff2
vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/ 16 KB
17 KB 161ms
23ms Font
font/woff2 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/OpenSans-300-Light.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37614
x-ftr-backend: van-prod
content-length: 16835
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFF08FE4785:AEFB_00000000000000000000FFFFB971193B:0050_64AC3017_D68715:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:22:33 GMT

GET
H2 200 OpenSans-700-Bold.woff2
vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/ 16 KB
17 KB 161ms
23ms Font
font/woff2 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/shared/fonts/OpenSans-700-Bold.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37646
x-ftr-backend: van-prod
content-length: 16383
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFFC0DD780D:958D_00000000000000000000FFFFB971193B:0050_64AC2FF6_D680E3:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:22:03 GMT

GET
H2 200 hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
mos.fie.futurecdn.net/logos/models/ 14 KB
14 KB 108ms
23ms Image
image/jpeg 8.238.30.122
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mos.fie.futurecdn.net/logos/models/hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.238.30.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
x-ftr-cache-resized-status: MISS
age: 1321893
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: s3-futureplc-engineering-accessors,mos
content-length: 14272
x-ftr-balancer: cleversafe-proxy-2,bulkproxyprodred
x-ftr-request-id: 00000000:993E_00000000:0050_62BDFB60_2E90FAA:5071,00000000:742E_00000000:0050_62BDFB60_7F515B:4FD2
last-modified: Thu, 29 Oct 2020 21:40:57 GMT
server: nginx
etag: "8d6a8139d9085d797db649ca8cd161d5"
content-type: image/jpeg
x-ftr-backend-server: cs-acc-s3-futureplc-engineering-3.corp,mos05
cache-control: max-age=2592000
accept-ranges: bytes
x-ftr-cache-host: moscache05
expires: Tue, 25 Jul 2023 19:37:04 GMT

GET
H2 200 main.35302d21eac335a2b957.bundle.js Show response
vanilla.futurecdn.net/tomsguide/721472/media/shared/js/ 324 KB
85 KB 28ms
27ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

c3148c885d31849c2f4bcd7ffd027d6e54b48f24d3563b9d26da28fdf149cf94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 37642
x-ftr-backend: van-prod
content-length: 85992
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFF041AF317:5EB3_00000000000000000000FFFFB971193B:0050_64AC2FFB_D68161:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 09 Aug 2023 16:21:15 GMT

GET
H2 200 2783461.jpg
forums.tomsguide.com/data/avatars/s/2783/ 2 KB
2 KB 499ms
160ms Image
image/jpeg 140.82.17.16
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forums.tomsguide.com/data/avatars/s/2783/2783461.jpg?1689010681

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

140.82.17.16 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

140.82.17.16.vultrusercontent.com

Software

nginx /

Resource Hash

a32ba252306804a3704242406fd8d70fa1bf9f2c3ef4cb7009f742ec0e64d987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 17:38:03 GMT
server: nginx
etag: "64ac41fb-6c3"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1731
expires: Wed, 10 Jul 2024 02:48:37 GMT

GET
H2 200 hawklinks.js
hawk.tomsguide.com/hl/es6/ 202 KB
52 KB 38ms
36ms Other
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/hl/es6/hawklinks.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ce64814d2dd078a6529b062293f401a7870db0bc96bb1c732c018c8178fea2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 24876
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-expires: Mon, 10 Jul 2023 10:33:35 GMT
x-ftr-balancer: hawkproxyprodblue
x-served-by: cache-lon4222-LON, cache-cph2320040-CPH
x-ftr-request-id: 00000000:6ED8_00000000:01BB_64ABD9D1_13F0B48:6575
last-modified: Mon, 10 Jul 2023 09:39:11 GMT
x-timer: S1689043717.139532,VS0,VE0
etag: W/"64abd1bf-32601"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
x-resp-is-stale: true
content-length: 52166
accept-ranges: bytes
x-cache-hits: 5, 3

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 213ms
51ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1689043717189&plid=3ca44dd3-67ac-4d07-867b-fe63da6039e9&idsite=tomsguide.com&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now%22%2C%22hash%22%3A-2095025831%7D%7D&sid=1&surl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&sref=&sts=1689043717165&slts=0&title=Android+spyware+with+over+1.5+million+downloads+sends+your+data+to+China+%E2%80%94+delete+these+apps+right+now+%7C+Tom%27s+Guide&date=Tue+Jul+11+2023+02%3A48%3A37+GMT%2B0000+(GMT)&action=pageview&pvid=10e16c16-e2ca-4c37-a711-8a7c5574eb75&u=pid%3D4cab1951-bdb6-4361-a8e2-93c16bd299b8
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 02:48:37 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 11-Jul-2023 02:48:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ccpa.a84f359e0891ace43228.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.10.1/ 12 KB
4 KB 23ms
23ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.10.1/ccpa.a84f359e0891ace43228.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c615834e388ee114355fa1eb0e353d59bc41b929bcc77552cae19ae4eecc0a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 05:56:06 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 17:46:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 77146
x-amz-server-side-encryption: AES256
etag: W/"0b97201433fb0e7708a72d1a922360ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: wIC4o4g_Sopf6bJWu-YcGyCbthehDPz7hIVVfN5l2cpVL1ACNpUnFA==

GET
H2 200 gdpr-tcf.04abc9c12f5845f5ba5b.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.10.1/ 86 KB
18 KB 26ms
26ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.10.1/gdpr-tcf.04abc9c12f5845f5ba5b.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74889fe974fb778a8fc0ab224e1fe77e3ff23cbdeb785d8d4aeca50331e80c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 04:05:13 GMT
content-encoding: br
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 17:46:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 81805
x-amz-server-side-encryption: AES256
etag: W/"7ba347f99e637b198f4edf955b434738"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: p0Ipc-iEKaX_8_XWpuj3GxN1mxGn7nUrVY9-c-GKz3q9759Uh9kECQ==

GET
H2 200 get_site_data Show response
cdn.privacy-mgmt.com/mms/v2/ 206 B
619 B 72ms
26ms XHR
application/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&account_id=200

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Resource Hash

923a222677d5bcc0547e7fc333250d02efc1f59361aab30715090d4d2c95bb0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 10:50:51 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-37-168
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 57466
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: 8OTXCFhQN9rK2km_VxlgggKhSlem1BA6m73tDz1zt9lKiNrCLVWNPw==

GET
H2 200 hybrid_id Show response
ads.servebom.com/ 43 B
357 B 116ms
49ms Fetch
application/json 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/hybrid_id
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: dbcef97c1a8f97c694476c4edf72eb5fc0d84331126bf8220f3e3a5352686658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.tomsguide.com
date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 69
x-hw: 1689043717.cds164.fr8.hn,1689043717.cds125.fr8.sc,1689043717.cds125.fr8.p
content-type: application/json

GET
H2 200 / Show response
sommelier.futurehybrid.tech/config/ 12 KB
3 KB 182ms
50ms Fetch
application/json 52.208.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config/?r=230&tpl=article&l=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&sw=1600

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.208.139.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-139-32.eu-west-1.compute.amazonaws.com

Software

Resource Hash

659b00c8dbdc858debfe5f9f41ec76032c7aa04488221f6027933ea81be72ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 11 Jul 2023 02:48:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H3 200 merchant-domains.php Show response
hawk.tomsguide.com/ 589 KB
88 KB 45ms
44ms Fetch
application/json 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/merchant-domains.php?site=TOMSGUIDE

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/hl/es6/hawklinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

666e1dd03b38a362a394ce48f249710f27c0d25f3abed7382bb81d2167757bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 25790
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 89609
x-ftr-expires: Mon, 10 Jul 2023 19:58:46 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon4239-LON, cache-cph2320041-CPH
x-ftr-request-id: 00000000:0E34_00000000:01BB_64AC5E47_DF196:07B5
x-timer: S1689043718.505334,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 5, 1

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 147ms
65ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tomsguide.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
BLOB 200
OK 63f87d97-4e01-46c9-a8db-aada9476e3a6
https://www.tomsguide.com/ 561 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tomsguide.com/63f87d97-4e01-46c9-a8db-aada9476e3a6
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b22acb8a53f69a5efe42d7fe3b7fc7d40c238ac185a79de021ee9bcede2dd2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 574471
Content-Type

GET
H2 200 gallery.e0bbe329a8970e4177fe.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 15 KB
6 KB 23ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/gallery.e0bbe329a8970e4177fe.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

447d7abe57dbd776bd8f89d2e89bc99171027968ba2fabd1e174c7752f0eeae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 132183
x-ftr-backend: van-prod
content-length: 5040
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-01
x-ftr-request-id: 00000000000000000000FFFFC0DD7819:96A8_00000000000000000000FFFFB971193C:0050_64AABEAE_B0FD22:4655D
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Tue, 08 Aug 2023 14:05:34 GMT

GET
H2 200 enlarge-images.af98e9834bf4bfaa40f3.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 1 KB
1 KB 24ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/enlarge-images.af98e9834bf4bfaa40f3.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

97f0fc9077ca0a5d3f08dd42db0a0a127b80635075614145ff2d5db334baf3b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 1940575
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 735
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:61AE_00000000:0050_648F26A6_24A35:1922
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Tue, 18 Jul 2023 15:45:42 GMT

GET
H2 200 fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 26ms
25ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/fancy-box-resize.5a260cb5f1fd5d018fa5.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

da17d99d56c61ad80a802664c2c6a262c73471927afdee1c9181d6a72a7ae0f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 472847
x-ftr-backend: van-prod
content-length: 866
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-02
x-ftr-request-id: 00000000000000000000FFFF08FE478F:91E5_00000000000000000000FFFFB971193B:0050_64A58BF6_343C05:1C0538
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Fri, 04 Aug 2023 15:27:55 GMT

GET
H2 200 topics.71b67ce542657ad41ca9.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 813 B
1 KB 24ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/topics.71b67ce542657ad41ca9.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

1906bfb11b42a27b7c44ac855494b0025f2aa2be055cde98901fbf5451e36bfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 1353832
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 487
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprod01
x-ftr-request-id: 00000000:606A_00000000:0050_64981A98_17F0E8:43D2
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Tue, 25 Jul 2023 10:44:46 GMT

GET
H2 200 xenforo-comments-readmore.cb973ab2105a7b8cf934.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 25ms
24ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/xenforo-comments-readmore.cb973ab2105a7b8cf934.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

334185ca1cfeaa0f0dea7041508b23c65a07b2a9d0928d8b7db9944a65db1868

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 574328
x-ftr-backend: van-prod
content-length: 975
x-xss-protection: 1; mode=block
x-ftr-balancer: web-http-proxy-prod-01
x-ftr-request-id: 00000000000000000000FFFF08FE4785:8558_00000000000000000000FFFFB971193C:0050_64A3FF8D_218D3:4655D
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Thu, 03 Aug 2023 11:16:30 GMT

GET
H2 200 jwplayer-analytics.f09c837d4cf317bc6b66.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 3 KB
2 KB 23ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-analytics.f09c837d4cf317bc6b66.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

f007264e45ea5880d979fdd40197b3a5e90f1d73aaa80517002d33866f6e9689

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 1389
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprod01
x-ftr-request-id: 00000000:865B_00000000:0050_648DFBA8_2AD4C7:393C
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 jwplayer-autopause.2f0709ed947cc688d5b6.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 1 KB
1 KB 24ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-autopause.2f0709ed947cc688d5b6.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

408953b32fc5f1a326491d6713a8c98cccc5df5ae9bda35143b87251ecae6ba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 656
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprod01
x-ftr-request-id: 00000000:58B0_00000000:0050_648DFBA8_2AD4CA:393C
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:01 GMT

GET
H2 200 jwplayer-sticky-desktop.fcf29b431a42acc1e7fb.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 5 KB
3 KB 24ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-sticky-desktop.fcf29b431a42acc1e7fb.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

e0fd2925de57469dcf43d697e3862fb6c7d8fcc6bf18cc5cc672c636265203ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 1859071
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 2156
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:B869_00000000:0050_64906506_137EBD:1922
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 19 Jul 2023 14:24:06 GMT

GET
H2 200 jwplayer-sticky-mobile-editorial.2f2b75ffbc1a190de393.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 8 KB
4 KB 24ms
24ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-sticky-mobile-editorial.2f2b75ffbc1a190de393.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

c2de89470c044e0860d1605fe0125f65c17f39337430625ff823773d0341f8cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 1859071
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 2939
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:E218_00000000:0050_64906506_137EBE:1922
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Wed, 19 Jul 2023 14:37:00 GMT

GET
H2 200 jwplayer-unmute.1f3f44a98f862518aab2.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 25ms
23ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-unmute.1f3f44a98f862518aab2.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

9a6ef406ed57c90ef9395bd58fd35f80c39d27d47c01543b91fe6efbd63ebfe9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 1224
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprod01
x-ftr-request-id: 00000000:9F28_00000000:0050_648DFBA8_2AD4C8:393C
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 jwplayer-carousel-desktop-responsive.32414796e1cb19cf9d93.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 11 KB
4 KB 106ms
105ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-carousel-desktop-responsive.32414796e1cb19cf9d93.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

32e61e093357c529c4110815bb51daa1c0d875de3dd285bd88dde4f038d8ac61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 1780169
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 3783
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:B993_00000000:0050_6491993C_1437F7:1921
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Thu, 20 Jul 2023 12:35:02 GMT

GET
H2 200 jwplayer-carousel-mobile-responsive.6fec796a972e2334c6e3.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 20 KB
6 KB 107ms
105ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-carousel-mobile-responsive.6fec796a972e2334c6e3.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

6b92a8751cd899c494919ac63de48be431e96e3748fe3c2d656a11c37d6b41d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 1780169
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 5655
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:4F33_00000000:0050_6491993C_247104:1922
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Thu, 20 Jul 2023 12:40:13 GMT

GET
H2 200 table-scroll.de29431e22229a66494f.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 3 KB
2 KB 109ms
107ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/table-scroll.de29431e22229a66494f.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

35c1343f6e699d96dc925f0c687a3f425b35e6353dc9f04d602c976ff49513ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 1418
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprod01
x-ftr-request-id: 00000000:9B17_00000000:0050_648DFBA5_33B753:393D
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 embed-resize.7f2210cf371ab2fd9e1e.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 1 KB
1 KB 109ms
108ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/embed-resize.7f2210cf371ab2fd9e1e.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

e79f4f9f6aae9312b88f53cc5460fdbce381b65af4afc3efc780efe69cd2dd36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 675
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprod01
x-ftr-request-id: 00000000:5A9C_00000000:0050_648DFBA8_2AD4C9:393C
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 open-ahead-embeds.fb0f658d8327004e8e27.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 109ms
108ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/open-ahead-embeds.fb0f658d8327004e8e27.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

cc81bc53c42dfa7b245db0c9dd762fdae158696447473aa9d96a3234f0ae4224

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 869
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:E90C_00000000:0050_648DFBA8_140EE7:3977
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 suggestion-box.475bccaf934ab20cb47d.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 19 KB
3 KB 109ms
108ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/suggestion-box.475bccaf934ab20cb47d.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

6452632e0809dc55545230ae74ecce7fbf7dff3b8e5217a40ae9aa349ffe754f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 2816
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:A40A_00000000:0050_648DFBA8_CEA85:3976
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 sticky-footer.7c67f83306775277399d.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 109ms
109ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/sticky-footer.7c67f83306775277399d.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

74a0f7b7b1a43fc4397bf7aefc19396ccd770140e6af0ab2fe607ed3a5eab1fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 1087
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:EC71_00000000:0050_648DFBA7_CEA77:3976
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 nav-subscribe.3a2570e6f67fc78f8bcb.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 109ms
108ms Script
application/javascript 67.27.159.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/nav-subscribe.3a2570e6f67fc78f8bcb.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/721472/media/shared/js/main.35302d21eac335a2b957.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.27.159.250 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

ac6c1e00ead4a9f42ae231bbb76c6ce6bb0da60d47a2ec485e146714fd5eb05a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-cs-bucket: van-ass-prod
strict-transport-security: max-age=31536000; includeSubDomains
age: 2017117
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: van-prod
content-length: 1001
x-xss-protection: 1; mode=block
x-ftr-balancer: webproxyprodred
x-ftr-request-id: 00000000:776F_00000000:0050_648DFBA8_140EE8:3977
referrer-policy: no-referrer-when-downgrade
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-smartersafe-version
expires: Mon, 17 Jul 2023 18:30:00 GMT

GET
H2 200 UV63HPJAScLHzRFRjY9wZC-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 25 KB
26 KB 24ms
24ms Image
image/webp 8.238.30.122
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/UV63HPJAScLHzRFRjY9wZC-970-80.jpg.webp
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.238.30.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 50640aeaa73ecc76d23540f0eaf44f992cbc89e5da76b4e8a81720bf2b1ad0df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
x-backend: default
x-svc-env: prod
age: 210910
xkey: /proof/UV63HPJAScLHzRFRjY9wZC.jpg
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: mos_kodiak
x-ftr-cache-status: MISS
content-length: 25864
x-svc-build-time: Fri Jun 30 11:55:09 UTC 2023
x-ftr-balancer: bulkproxyprodred
x-served-by: kodiak-varnish-75df8db46-vjfjl
x-ftr-request-id: 00000000:A328_00000000:0050_64A98B27_4959C1:67E6
x-svc-go-version: 1.19
server: Footprint Distributor V6.1.1162
etag: b866a3dc3707ea0ec1aa74db3836904a
x-svc-name: kodiak-mos-adapter-svc
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-ftr-backend-server: kube
cache-control: max-age=5184000
access-control-allow-credentials: true
access-control-max-age: 1728000
x-svc-version: latest
accept-ranges: bytes
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 06 Sep 2023 16:19:13 GMT

GET
H2 200 eGLK4s2RPbfA97rVBncuJ8-970-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 61 KB
62 KB 24ms
23ms Image
image/webp 8.238.30.122
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/eGLK4s2RPbfA97rVBncuJ8-970-80.jpg.webp
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.238.30.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: ff9dedfdc5dfae12fe0ba4d19c5634a4d8c26676a341421e342c7bad5bc0f65f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
x-backend: default
x-svc-env: prod
age: 2846039
xkey: /proof/eGLK4s2RPbfA97rVBncuJ8.jpg
x-ftr-dc: uk-lon1
x-ftr-realm: pip
x-ftr-backend: mos_kodiak
x-ftr-cache-status: MISS
content-length: 62200
x-svc-build-time: Tue May 23 15:39:20 UTC 2023
x-ftr-balancer: bulk-proxy-1
x-served-by: kodiak-varnish-564bf95567-t9rtx
x-ftr-request-id: 00000000:539A_00000000:0050_648155AC_AB8BBB:AF2D
x-svc-go-version: 1.19
server: Footprint Distributor V6.1.1162
etag: 0d13eca8f269c8a76f01cefbd185ec9a
x-svc-name: kodiak-mos-adapter-svc
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-ftr-backend-server: kube
cache-control: max-age=5184000
access-control-allow-credentials: true
access-control-max-age: 1728000
x-svc-version: latest
accept-ranges: bytes
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Sat, 12 Aug 2023 02:59:04 GMT

GET
H2 200 popularBox.js Show response
slice.vanilla.futurecdn.net/12-5-1/js/ 11 KB
4 KB 38ms
36ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://slice.vanilla.futurecdn.net/12-5-1/js/popularBox.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3ba09e3cb00b04ed05de55b085ea160a8579de16840030b9fedfd466ef8db060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31536000
age: 49486
x-cache: HIT
x-ftr-backend: van-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3699
x-served-by: cache-cph2320048-CPH
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id: 00000000000000000000FFFF8CF8451A:27A0_00000000000000000000FFFFB9711938:01BB_64AC01B6_3EC6685:C91DE
last-modified: Mon, 10 Jul 2023 11:50:34 GMT
x-timer: S1689043718.594971,VS0,VE0
etag: W/"2cea-1893fa39da5"
vary: accept-encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 62

GET
H2 200 localeSelector.js Show response
slice.vanilla.futurecdn.net/12-5-1/js/ 22 KB
7 KB 39ms
37ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://slice.vanilla.futurecdn.net/12-5-1/js/localeSelector.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0068538e7db5b21d8213cc37f6e8a949a4e689550bfa9f00f7280e16db793033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31536000
age: 49485
x-cache: HIT
x-ftr-backend: van-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6467
x-served-by: cache-cph2320048-CPH
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-1
x-ftr-request-id: 00000000000000000000FFFF8CF8452A:60EC_00000000000000000000FFFFB9711932:01BB_64AC01B6_3FB0F15:206EC7
last-modified: Mon, 10 Jul 2023 11:50:34 GMT
x-timer: S1689043718.595064,VS0,VE0
etag: W/"5741-1893fa39da5"
vary: accept-encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 217

GET
H2 200 regionRedirectBanner.js Show response
slice.vanilla.futurecdn.net/12-5-1/js/ 4 KB
2 KB 40ms
38ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://slice.vanilla.futurecdn.net/12-5-1/js/regionRedirectBanner.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5b778a74d933b8055cb72d4ae7b8c03081db05913f4c56b3c3b4e3bcf9c6824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31536000
age: 49485
x-cache: HIT
x-ftr-backend: van-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1604
x-served-by: cache-cph2320048-CPH
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-request-id: 00000000000000000000FFFF8CF84516:666E_00000000000000000000FFFFB9711938:01BB_64AC01B6_3EC6684:C91DE
last-modified: Mon, 10 Jul 2023 11:50:34 GMT
x-timer: S1689043718.595063,VS0,VE0
etag: W/"1034-1893fa39da5"
vary: accept-encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ftr-backend-server: http.van-prod
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 295

OPTIONS
H2 200 meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 23ms
23ms Preflight
text/plain 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=200&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=28472&ch=null&scriptVersion=4.10.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tomsguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 69732
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 10 Jul 2023 07:26:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id: PxG7CnFL4SCsZzC_h6tGOLz0XAXsh-QbRk5hAm-sVkgoHG5uID8fUw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 meta-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 301 B
834 B 24ms
24ms XHR
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

14e8c29acc724571bcd79968dd330f657f070429786d5701070c27538be86c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Jul 2023 02:44:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 258
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 301
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: Yec-XeT7mWBdirpumPh7UsT0sxxWDXaw_oajzzwvA3TaUf1z8-ZwTg==

GET
H3 200 translations.php Show response
hawk.tomsguide.com/ 32 KB
11 KB 45ms
44ms Fetch
application/json 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/translations.php?language=en-DE

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20e4bdd7a1634ed3b82ff2f5b6bdd1ec97aca0a87251e9368b4bbb615fe06d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 25730
x-hawk-area: DE
x-ftr-dc: uk-lon1
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 10409
x-ftr-expires: Mon, 10 Jul 2023 19:59:47 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawkproxyprodred
x-served-by: cache-lon4266-LON, cache-cph2320041-CPH
x-ftr-request-id: 00000000:BAA8_00000000:01BB_64AC5E96_F6B33:5137
x-timer: S1689043718.610828,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 6, 1

GET
H2 200 / Show response
r.skimresources.com/api/ 149 B
370 B 94ms
31ms Fetch
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X1584493%22,%22domains%22:[%22tomsguide.com%22,%22pradeo.com%22,%22bleepingcomputer.com%22],%22page%22:%22https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/hl/es6/hawklinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

804530b42c4a1c98f2e0d78d7b657a6fe8772afd6175a2a56353ca958cf1ec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.tomsguide.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 26ms
26ms Preflight
text/plain 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A200%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=425444706425666161ee16&scriptVersion=4.10.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tomsguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 30026
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 10 Jul 2023 18:28:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id: gane_Gkt9h1T-2OArnFP-Rpm-YKh33-ul87V98fM19lIMI7nbiObeA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 messages Show response
cdn.privacy-mgmt.com/wrapper/v2/ 108 KB
11 KB 132ms
131ms XHR
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

8232133e352057ada5295e01a5331a3bced99e86e8f163e75854301fe8c84a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: MAyQSHAvGliutzC0voeN9SafMzRMHoFXp-LdHemp_rrwwJA7DgpR_g==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 154ms
67ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tomsguide.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 setup-model.js Show response
hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/ 115 KB
29 KB 44ms
44ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/setup-model.js

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

385bb03a788147de28cb24a1f69c233ce2da68b43532c84a28dd38c1b6b3805d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 992760
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 29205
x-ftr-expires: Fri, 28 Jun 2024 15:02:36 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawkproxyprodred
x-served-by: cache-lon420126-LON, cache-cph2320028-CPH
x-ftr-request-id: 00000000:7FBA_00000000:01BB_649D9E37_D5B71:7BA2
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043718.758287,VS0,VE0
etag: W/"649d9897-1cb04"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
x-cache-hits: 103, 98

GET
H2 200 Q1UC4oov Show response
cdn.jwplayer.com/v2/playlists/ 58 KB
8 KB 92ms
23ms Fetch
application/json 2600:9000:225e:4200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/Q1UC4oov
Requested by: Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-carousel-desktop-responsive.32414796e1cb19cf9d93.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:4200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 39524b75c44ab972a2865692a21724deb0d5ef8cb9c07756b3e4f98951ec0b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:46:24 GMT
content-encoding: gzip
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 133
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-robots-tag: noindex, indexifembedded
content-length: 8174
x-amz-cf-id: my2u6aPFdnb53zeIAHiY9yJuSihzzaSVUYfz4Re8tbtkkGJ7l-8Nbg==
expires: Tue, 11 Jul 2023 02:49:24

GET
H2 200 uW7D3ySO.js Show response
content.jwplatform.com/libraries/ 120 KB
44 KB 93ms
28ms Script
text/javascript 2600:9000:225e:9a00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/uW7D3ySO.js
Requested by: Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/media/shared/js/jwplayer-carousel-desktop-responsive.32414796e1cb19cf9d93.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 63ced1bd536c93c969c9f838f131ac5391c1e3d58c48481f2ef71b553581ef42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:46:24 GMT
content-encoding: gzip
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 133
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 44936
x-amz-cf-id: JVkSKH0GfYyPtImGfSFWHXJ6ZUYNejqHGh9WhkGUBisDXezyVIh2JA==

GET
H2 200 xadLWuJMBMfh54SwoGdSe7-1280-80.jpg.webp
cdn.mos.cms.futurecdn.net/ 81 KB
82 KB 26ms
25ms Image
image/webp 8.238.30.122
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mos.cms.futurecdn.net/xadLWuJMBMfh54SwoGdSe7-1280-80.jpg.webp
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.238.30.122 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: a74e2de90134f5701a5aa677b8fe9123bfb2ccbbeafac17e613cf64d994d5c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
x-backend: default
x-svc-env: prod
age: 31408
xkey: /proof/xadLWuJMBMfh54SwoGdSe7.jpg
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: mos_kodiak
x-ftr-cache-status: MISS
content-length: 82780
x-svc-build-time: Fri Jun 30 11:55:09 UTC 2023
x-ftr-balancer: bulkproxyprodred
x-served-by: kodiak-varnish-75df8db46-vjfjl
x-ftr-request-id: 00000000:B7C4_00000000:0050_64AC4851_7A8D95:67E6
x-svc-go-version: 1.19
server: Footprint Distributor V6.1.1162
etag: 8eb07861ef0104be41472bc7e72b504a
x-svc-name: kodiak-mos-adapter-svc
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
x-ftr-backend-server: kube
cache-control: max-age=5184000
access-control-allow-credentials: true
access-control-max-age: 1728000
x-svc-version: latest
accept-ranges: bytes
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Fri, 08 Sep 2023 18:07:48 GMT

GET
H3 200 widget.php Show response
hawk.tomsguide.com/ 5 KB
2 KB 117ms
115ms Fetch
application/json 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/widget.php?model_name=TechRadar%20Magazines&article_type=news&article_category=phones&language=en-DE&site=TOMSGUIDE&filter_product_types=deals%2Csubscriptions&rows=1&device=desktop&origin=widgets-clientside

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

384a617cdaa564b366bb6e0427a5595db8be102a5ce6e43c7080aede67073fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 1392
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: MISS, MISS
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 1393
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon420125-LON, cache-cph2320041-CPH
x-ftr-request-id: 00000000:1FEC_00000000:01BB_64ACC305_2B6EC8:07B5
x-timer: S1689043718.819461,VS0,VE72
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 0, 0

OPTIONS
H2 200 pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 26ms
25ms Preflight
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=425444706425666161ee16&scriptVersion=4.10.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tomsguide.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.tomsguide.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 11 Jul 2023 02:48:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id: -MZKpjF4mJFDdGiALSJLrXXgrTv3s37b_EtHLcVQ51dykWcLTOH2uA==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 200 pv-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 195 B
731 B 29ms
28ms XHR
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=425444706425666161ee16&scriptVersion=4.10.1&scriptType=unified

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

05ea913a0cb38f268a5e5744f909d05a363fbefc31ffdcd7f33acd29b67ecb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tomsguide.com
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 195
x-amz-cf-id: fE6cQC0o-Ccgc8rT2EItvbgoRwHb6KgvdQcPy8FpqF-fHBa4Ci7M8A==

GET
H2 200 hit.gif
uk-script.dotmetrics.net/ 43 B
727 B 49ms
49ms Image
image/gif 99.86.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uk-script.dotmetrics.net/hit.gif?id=5242&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&dom=www.tomsguide.com&r=1689043717889&pvs=1&pvid=3af89df5-d9c7-4341-a53f-3f735b540d6a&c=false&tzOffset=0&doorUrl=http%3a%2f%2fuk-script.dotmetrics.net%2fdoor.js%3fd%3dwww.tomsguide.com%26t%3dtg
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-88.fra6.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:37 GMT
dotmetrics-hit-status: 01 OK
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: image/gif
cache-control: no-cache
x-amz-cf-id: 6IQI69p5Ip3ncBRxPK4EQc1UeNr7N61miGDZ7bR5gri0-86no1q8Pw==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 120ms
21ms Image
image/gif 2600:9000:2057:5000:d:5ce3:a4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=5242&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&dom=www.tomsguide.com&r=1689043717889&pvs=1&pvid=3af89df5-d9c7-4341-a53f-3f735b540d6a&c=false&tzOffset=0
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5000:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 12:21:24 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 12:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 52034
x-amz-server-side-encryption: AES256
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 807
x-amz-cf-id: Ic4SD9HXX9PfoCHqNJ0ZdE2sKb6DxdnvFxIEDLsLREWgK32UzACKpA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
147 B 32ms
30ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1997156689&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&ul=en-us&de=UTF-8&dt=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now%20%7C%20Tom%27s%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABBAQCACAAI~&jid=1048102257&gjid=1644842600&cid=589811664.1689043718&tid=UA-72111741-10&_gid=2094607942.1689043718&_slc=1&cd57=null&cd40=China&cd41=Data%7CSpyware%7CAndroid%7CDownload%7CMobile_app&cd42=Google&cd43=Software%7CShutterstock&cd45=China&cd46=android&cd47=Android_spyware_with_over_1.5_million_downloads_sends_your_data_to_China_delete_these_apps_right_now&cd50=5&cd51=false&cd58=android%7CPlay_Store%7CGoogle_Play_Store%7Csmartphones%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd1=news&cd2=&cd3=security&cd5=RWLQB2f9eZuu9T54UWqAMA&cd6=%7Candroid%7Cplay_store%7Cgoogle_play_store%7Csmartphones%7Ctype_news%7Cchannel_phones%7Cserversidehawk&cd7=alyse_stanley&cd8=08-07-2023&cd27=721472&cd33=text%2Cimage%2Cheading%2Ctext%2Cembed%2Ctext%2Cheading%2Cimage%2Ctext%2Cheading%2Ctext%2Csection%2Clist%2Cembed&cd53=2023-07-09T15%3A42%3A17Z&cd61=pageLoad&cd95=news&cd99=0&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG&cd128=09-07-2023&cd134=typenews%7Cchannelphones%7Cserversidehawk&cd31=10&cd30=4g&z=1965951916

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 02:48:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 120ms
29ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72111741-10&cid=589811664.1689043718&jid=1048102257&gjid=1644842600&_gid=2094607942.1689043718&_u=aGBAgEABBAQCAGAAI~&z=1359244826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Jul 2023 02:48:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 23ms
22ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1997156689&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&ul=en-us&de=UTF-8&dt=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now%20%7C%20Tom%27s%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=future_id&ea=set%20hybrid_id&el=&_u=aGBAgEABBAQCAGAAI~&jid=&gjid=&cid=589811664.1689043718&tid=UA-72111741-10&_gid=2094607942.1689043718&cd57=null&cd40=China&cd41=Data%7CSpyware%7CAndroid%7CDownload%7CMobile_app&cd42=Google&cd43=Software%7CShutterstock&cd45=China&cd46=android&cd47=Android_spyware_with_over_1.5_million_downloads_sends_your_data_to_China_delete_these_apps_right_now&cd50=5&cd51=false&cd58=android%7CPlay_Store%7CGoogle_Play_Store%7Csmartphones%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd1=news&cd2=&cd3=security&cd5=RWLQB2f9eZuu9T54UWqAMA&cd6=%7Candroid%7Cplay_store%7Cgoogle_play_store%7Csmartphones%7Ctype_news%7Cchannel_phones%7Cserversidehawk&cd7=alyse_stanley&cd8=08-07-2023&cd27=721472&cd33=text%2Cimage%2Cheading%2Ctext%2Cembed%2Ctext%2Cheading%2Cimage%2Ctext%2Cheading%2Ctext%2Csection%2Clist%2Cembed&cd53=2023-07-09T15%3A42%3A17Z&cd61=pageLoad&cd95=news&cd99=0&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG&cd128=09-07-2023&cd134=typenews%7Cchannelphones%7Cserversidehawk&cd31=10&cd30=4g&cd77=4B17006CEC59479A83CC2D6592D8A31F&z=1819755200

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 08:24:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66227
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 23ms
23ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1997156689&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&ul=en-us&de=UTF-8&dt=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now%20%7C%20Tom%27s%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=jwplayer&ea=jwplayerVideoPresent&_u=aGBAgEABBAQCAGAAI~&jid=&gjid=&cid=589811664.1689043718&tid=UA-72111741-10&_gid=2094607942.1689043718&cd57=null&cd40=China&cd41=Data%7CSpyware%7CAndroid%7CDownload%7CMobile_app&cd42=Google&cd43=Software%7CShutterstock&cd45=China&cd46=android&cd47=Android_spyware_with_over_1.5_million_downloads_sends_your_data_to_China_delete_these_apps_right_now&cd50=5&cd51=false&cd58=android%7CPlay_Store%7CGoogle_Play_Store%7Csmartphones%7CSecurity&cd74=&cd13=false&cd10=EN-US&cd1=news&cd2=&cd3=security&cd5=RWLQB2f9eZuu9T54UWqAMA&cd6=%7Candroid%7Cplay_store%7Cgoogle_play_store%7Csmartphones%7Ctype_news%7Cchannel_phones%7Cserversidehawk&cd7=alyse_stanley&cd8=08-07-2023&cd27=721472&cd33=text%2Cimage%2Cheading%2Ctext%2Cembed%2Ctext%2Cheading%2Cimage%2Ctext%2Cheading%2Ctext%2Csection%2Clist%2Cembed&cd53=2023-07-09T15%3A42%3A17Z&cd61=pageLoad&cd95=news&cd99=0&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG&cd128=09-07-2023&cd134=typenews%7Cchannelphones%7Cserversidehawk&cd31=10&cd30=4g&z=2110468776

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 08:24:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66227
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cdn.privacy-mgmt.com/ Frame 71B7 5 KB
2 KB 23ms
22ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ba41f7a32e9dc3461105acd1061ad1f2cf47b7d498ce4780ede78e647a249aa

Request headers

Referer: https://www.tomsguide.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1261
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Tue, 11 Jul 2023 02:27:37 GMT
etag: W/"b1ac47e04369fbf8c1877c7a465ac602"
last-modified: Thu, 15 Jun 2023 17:22:18 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id: GQeCHh-htxt-Lhhhoj4Q6JfT1T0feAWA7xDdNzy1bzey0RxGQk_RZA==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 Notice.a7630.css
cdn.privacy-mgmt.com/ Frame 71B7 33 KB
6 KB 23ms
22ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.a7630.css
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b82da7eedbeec3f8882db8678b3ed0203cc3d289ba7d55f5ef5ac34ff1fe7267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:29:29 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 17:22:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 1150
x-amz-server-side-encryption: AES256
etag: W/"d549b61f5cbf5cf5ccaa9b265f4c3c63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: EXej0zqo5YGciEOGnVVGE_sLmeShiMiosQhpkYIh2xAHl6e-BBKP6Q==

GET
H2 200 polyfills.d36c5.js Show response
cdn.privacy-mgmt.com/ Frame 71B7 5 KB
2 KB 24ms
23ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/polyfills.d36c5.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:43:24 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 17:22:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 315
x-amz-server-side-encryption: AES256
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: LmSQYXunRehfxyWXBbnxZnQVB2kM1xLOvvuqaNDzgLfkFgzlRiHlXg==

GET
H2 200 Notice.5b5de.js Show response
cdn.privacy-mgmt.com/ Frame 71B7 263 KB
69 KB 27ms
27ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/Notice.5b5de.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15b98d584a6d2495586e0b5972a117e04fa2368eaea9a4e6e61dccafa55fc46e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/index.html?message_id=822393&consentUUID=null&requestUUID=d0f45eec-bf64-4d7e-8bf0-c7f76a36d2bc&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:11:58 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 17:22:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 2201
x-amz-server-side-encryption: AES256
etag: W/"c9a615d4433d375a62a8276dec48dcad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: YqvLDYwU8U5twMiR8G7QOT96Kf2IgzP5XSkGY4szjYj6sEBFXEzgcg==

GET
H2 200 ncs-script.js Show response
uk-script.dotmetrics.net/Scripts/ 3 KB
2 KB 50ms
50ms Script
application/javascript 99.86.4.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/Scripts/ncs-script.js?v=226
Requested by: Host: uk-script.dotmetrics.net
URL: https://uk-script.dotmetrics.net/door.js?d=www.tomsguide.com&t=tg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-88.fra6.r.cloudfront.net
Software: Kestrel /
Resource Hash: e96b558c02041fe94c15887549e5132e08e027e9081779b654570236ac38c6ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:38 GMT
content-encoding: br
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2023 08:19:41 GMT
server: Kestrel
x-amz-cf-pop: FRA6-C1
etag: "1d9a34ff60e060e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: whE4vb5kjG1Bn_w5M3wfj_AXHF1iTyUeqFM_kZm8FeG3V-o62urEew==

GET
H3 200 setup-seasonal.js Show response
hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/ 2 KB
2 KB 44ms
44ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/16.45.11-376f65117c7a063a45926a16f88abe741e709523/setup-seasonal.js

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

072b55359f2331e73f47f41e96fe5c7d640eaee1a1343d81e9c59477bbaf636f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:38 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 992760
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: HIT, HIT
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 977
x-ftr-expires: Fri, 28 Jun 2024 15:02:37 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawkproxyprodblue
x-served-by: cache-lon420092-LON, cache-cph2320028-CPH
x-ftr-request-id: 00000000:7808_00000000:01BB_649D9E38_ED779:40D3
last-modified: Thu, 29 Jun 2023 14:43:35 GMT
x-timer: S1689043718.029070,VS0,VE1
etag: W/"649d9897-8b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=31536000, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
x-cache-hits: 121, 1

GET
H3 200 seasonal.php Show response
hawk.tomsguide.com/ 58 B
699 B 68ms
68ms Fetch
application/json 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/seasonal.php?article_type=news&article_category=phones&language=en-DE&site=TOMSGUIDE&device=desktop&origin=widgets-clientside

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3685003d5a704e764772420eddbf90022c26b4565936bde16953b313df3831f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:38 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 1392
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: MISS, MISS
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 54
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawk-proxy-185-113-25-36
x-served-by: cache-lon420094-LON, cache-cph2320041-CPH
x-ftr-request-id: 00000000:F6A8_00000000:01BB_64ACC305_C951D:56AB
x-timer: S1689043718.124630,VS0,VE25
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodwhite
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 0, 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
30ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1997156689&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&ul=en-us&de=UTF-8&dt=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now%20%7C%20Tom%27s%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliates&ea=Retail%20Promotion%20widget%20viewed&el=TechRadar%20Magazines&_u=6GDAAEABBAQCAGAAI~&jid=558042353&gjid=357615321&cid=589811664.1689043718&tid=UA-72111741-10&_gid=2094607942.1689043718&_r=1&cd40=China&cd41=Data%7CSpyware%7CAndroid%7CDownload%7CMobile_app&cd42=Google&cd43=Software%7CShutterstock&cd45=China&cd46=android&cd47=Android_spyware_with_over_1.5_million_downloads_sends_your_data_to_China_delete_these_apps_right_now&cd50=5&cd58=android%7CPlay_Store%7CGoogle_Play_Store%7Csmartphones%7CSecurity&cd10=EN-US&cd1=news&cd3=security&cd5=RWLQB2f9eZuu9T54UWqAMA&cd6=%7Candroid%7Cplay_store%7Cgoogle_play_store%7Csmartphones%7Ctype_news%7Cchannel_phones%7Cserversidehawk&cd7=alyse_stanley&cd8=08-07-2023&cd27=721472&cd33=null&cd53=2023-07-09T15%3A42%3A17Z&cd61=pageLoad&cd95=news&cd99=0&cd106=0&cd126=en&cd127=GB%7CUS%7CAU%7CSG&cd128=09-07-2023&cd134=typenews%7Cchannelphones%7Cserversidehawk&cd31=10&cd30=4g&cd12=2351129&cd14=Magazines%20Direct&cd16=null&cd17=1&cd25=EUR%208&cd37=null&cd48=Technology%20Magazines&cd60=retail&cd65=rgb(255%2C%20255%2C%20255)&cd66=null&cd73=null&cd75=null&cd76=https%3A%2F%2Fwww.awin1.com%2Fawclick.php%3Fawinmid%3D2961%26awinaffid%3D103504%26clickref%3Dtomsguide-de-custom-tracking%26p%3Dhttps%253A%252F%252Fwww.magazinesdirect.com%252Fcategories%252Ftech%252F&cd84=null&cd90=2141e0ae-a7e6-4cbb-84b6-1395e44dadd3&cd105=6539&cd111=null&cd115=appeared&cd116=null&cd117=null&cd118=null&cd122=null&cd124=null&cd125=null&cm1=1528&cm3=503.20000076293945&cm24=0&cm27=13793&z=1717290916

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 02:48:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 71B7 34 KB
2 KB 98ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b50116c3101a511d2559c79c005b6cf57fd89fd52dac1d3566ebaeaf53f1dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.privacy-mgmt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jul 2023 02:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 02:14:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jul 2023 02:48:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 33ms
33ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72111741-10&cid=589811664.1689043718&jid=558042353&gjid=357615321&_gid=2094607942.1689043718&_u=6GDAAEABBAQCAGAAI~&z=1203337703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Jul 2023 02:48:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 widget.php Show response
hawk.tomsguide.com/ 11 KB
3 KB 77ms
76ms Fetch
application/json 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/widget.php?model_name=Google%20Pixel%207a&article_type=news&article_category=phones&language=en-DE&site=TOMSGUIDE&filter_product_types=deals%2Ccontracts%2Csubscriptions%2Cfallback%2Csimilar&rows=3&device=desktop&origin=widgets-clientside

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d267852c4610aedb80bb45cfd7aa46a208db4020f6310eefa7c45c3849b0ecf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:38 GMT
content-encoding: br
x-hawk-country
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 8896
x-hawk-area: DE
x-ftr-dc: uk-lon2
x-cache: MISS, MISS
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 2345
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-ftr-balancer: hawk-proxy-185-113-25-40
x-served-by: cache-lon4223-LON, cache-cph2320041-CPH
x-ftr-request-id: 00000000:16C4_00000000:01BB_64ACC306_2B6F2D:07B5
x-timer: S1689043718.340998,VS0,VE33
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
x-ftr-backend-server: fievarnishprodred
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 0, 0

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 117ms
37ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 535
etag: W/"841a8834d1e8a6a8a6de9933a13d2b34"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7e4dba882a8e9a1d-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jul 2023 02:48:38 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Ping
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 02:48:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 47ms
46ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:38 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 535
etag: W/"22f7e3545bf8cba3cac43d34db3357ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7e4dba886ab59a1d-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jul 2023 02:48:38 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10055482/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

23ms
23ms

Script
application/javascript

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 01:21:27 GMT
content-encoding: gzip
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:00:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 7058
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: qPdjwSTZ_6acgdWK8fY4-b3MLMLgJDnO9wRkSBakE4QQ3-ubdxop9w==

Redirect headers

date: Tue, 11 Jul 2023 02:48:39 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: warg8bF3GzpsMbK57dPMMTqooa3-xkpREl3hMmB96pt1F5hKQSBZdw==

GET
H2 204 b2
sb.scorecardresearch.com/ 0
225 B 24ms
23ms Image
text/plain 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1689043719203&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=DE&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=4&cs_fpcd=1&c7=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fandroid-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now&c8=Android%20spyware%20with%20over%201.5%20million%20downloads%20sends%20your%20data%20to%20China%20%E2%80%94%20delete%20these%20apps%20right%20now%20%7C%20Tom%27s%20Guide&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 02:48:39 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: kl_Tv8G39Sir1YyecUxboJ3H-f6a-b6X94YOmmlP4l7vqbXQdmKyqg==
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.tomsguide.com/	1969-12-31 23:59:59	Name: FTR_Country_Code Value: DE
.www.tomsguide.com/	1969-12-31 23:59:59	Name: FTR_Cache_Status Value: HIT
.tomsguide.com/	1970-01-20 13:10:45	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.tomsguide.com/news/android-spyware-with-over-15-million-downloads-sends-your-data-to-china-delete-these-apps-right-now%22%2C%22sref%22:%22%22%2C%22sts%22:1689043717165%2C%22slts%22:0}
.tomsguide.com/	1970-01-20 22:40:07	Name: _parsely_visitor Value: {%22id%22:%22pid=4cab1951-bdb6-4361-a8e2-93c16bd299b8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1689043717165}
.www.tomsguide.com/	1970-01-20 21:56:19	Name: usprivacy Value: 1YNN
.servebom.com/	1970-01-20 21:56:19	Name: u Value: 4B17006CEC59479A83CC2D6592D8A31F
www.tomsguide.com/	1970-01-20 14:57:31	Name: h_id Value: 4B17006CEC59479A83CC2D6592D8A31F
.tomsguide.com/	1970-01-20 21:56:19	Name: dnsDisplayed Value: undefined
.tomsguide.com/	1970-01-20 21:56:19	Name: ccpaApplies Value: false
.tomsguide.com/	1970-01-20 21:56:19	Name: signedLspa Value: undefined
.tomsguide.com/	1970-01-20 21:56:19	Name: _sp_su Value: false
.tomsguide.com/	1970-01-20 13:10:47	Name: AMP_TOKEN Value: %24NOT_FOUND
.tomsguide.com/	1970-01-20 22:46:43	Name: _ga Value: GA1.2.589811664.1689043718
.tomsguide.com/	1970-01-20 13:12:10	Name: _gid Value: GA1.2.2094607942.1689043718
.tomsguide.com/	1970-01-20 13:10:43	Name: _gat Value: 1
www.tomsguide.com/	1970-01-20 21:56:19	Name: consentUUID Value: bdb510da-705a-416d-a3bb-2d642fec43da
uk-script.dotmetrics.net/	1970-01-20 13:20:48	Name: AWSALBCORS Value: qmh9qLN0UDz1nswGQUzGhdwHizyLFrD2JiKjTEWhDFKH9JuA0w+ccmsD1vBSPhKhYwdGAwt6GMqLaOUMcEKxrgoHl1IB9FSDecO+l6sOR5MBExgNn9pGmUcSFcrc
.tomsguide.com/	1970-01-20 13:10:43	Name: _gat_hawkWidgetsAffiliate Value: 1
.onesignal.com/	1970-01-20 13:10:45	Name: __cf_bm Value: 5B3hPpPIKiE2op22rq8QIQD8FZn4UjYP43Efb6L0XM8-1689043718-0-AdamAezD5gMY9JkICQWxH2PFxI1K/5zWmWDfVv0PuGA9BdyeXOrUCGGgWl8FBcjoGAq60V3jxEsQBRqmsq39eBU=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
ads.servebom.com
ampcid.google.com
ampcid.google.de
bordeaux.futurecdn.net
cdn.jwplayer.com
cdn.mos.cms.futurecdn.net
cdn.onesignal.com
cdn.parsely.com
cdn.privacy-mgmt.com
champagne.futurecdn.net
content.jwplatform.com
fonts.googleapis.com
forums.tomsguide.com
freyr.futurecdn.net
hawk.tomsguide.com
mos.fie.futurecdn.net
p1.parsely.com
r.skimresources.com
rm-script.dotmetrics.net
sb.scorecardresearch.com
slice.vanilla.futurecdn.net
sommelier.futurehybrid.tech
stats.g.doubleclick.net
uk-script.dotmetrics.net
vanilla.futurecdn.net
www.google-analytics.com
www.tomsguide.com
13.32.99.21
140.82.17.16
151.101.130.114
151.101.2.114
151.139.128.10
18.66.100.58
199.232.198.114
2001:4860:4802:36::178
2600:9000:2057:5000:d:5ce3:a4c0:93a1
2600:9000:225e:4200:1:a3fa:7cc0:93a1
2600:9000:225e:9a00:1:a3fa:7cc0:93a1
2606:4700:4400::ac40:9256
2606:4700::6812:d73b
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:400c:c00::9a
35.190.59.101
52.17.99.225
52.208.139.32
67.27.159.250
8.238.30.122
99.86.4.122
99.86.4.88
0068538e7db5b21d8213cc37f6e8a949a4e689550bfa9f00f7280e16db793033
040c88d30b344fd51ca569f2e4d59beaf962d110ff4696e2ed9e09bd9ca73c5d
05ea913a0cb38f268a5e5744f909d05a363fbefc31ffdcd7f33acd29b67ecb2b
0606ec5f5b4e4feacdd1fbd70ad116b412145c03130fcb15c3b4f849921f47f8
072b55359f2331e73f47f41e96fe5c7d640eaee1a1343d81e9c59477bbaf636f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
14e8c29acc724571bcd79968dd330f657f070429786d5701070c27538be86c76
15b98d584a6d2495586e0b5972a117e04fa2368eaea9a4e6e61dccafa55fc46e
1906bfb11b42a27b7c44ac855494b0025f2aa2be055cde98901fbf5451e36bfd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d5939975488940d778f3624c1c8f2928f92da1732a66c0473ac7422eaac296d
20e4bdd7a1634ed3b82ff2f5b6bdd1ec97aca0a87251e9368b4bbb615fe06d7c
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
25b0bc9dda8dd671aa7cc47201a3d2b019d51deb6c6cebe10c38ec352d4a1c96
2ce64814d2dd078a6529b062293f401a7870db0bc96bb1c732c018c8178fea2c
32d3f2d2eafcec241c566edad04801fe72cf6c4829bbf413fc9012918b770b9f
32e61e093357c529c4110815bb51daa1c0d875de3dd285bd88dde4f038d8ac61
334185ca1cfeaa0f0dea7041508b23c65a07b2a9d0928d8b7db9944a65db1868
35c1343f6e699d96dc925f0c687a3f425b35e6353dc9f04d602c976ff49513ee
3685003d5a704e764772420eddbf90022c26b4565936bde16953b313df3831f6
384a617cdaa564b366bb6e0427a5595db8be102a5ce6e43c7080aede67073fe4
385bb03a788147de28cb24a1f69c233ce2da68b43532c84a28dd38c1b6b3805d
39524b75c44ab972a2865692a21724deb0d5ef8cb9c07756b3e4f98951ec0b2d
3b50116c3101a511d2559c79c005b6cf57fd89fd52dac1d3566ebaeaf53f1dec
3ba09e3cb00b04ed05de55b085ea160a8579de16840030b9fedfd466ef8db060
4040290703d94ad9092a22be3c859871891c1bda52c71c2d9d85d1b38da8b8a6
408953b32fc5f1a326491d6713a8c98cccc5df5ae9bda35143b87251ecae6ba4
447d7abe57dbd776bd8f89d2e89bc99171027968ba2fabd1e174c7752f0eeae2
50640aeaa73ecc76d23540f0eaf44f992cbc89e5da76b4e8a81720bf2b1ad0df
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
5a292d2f224a634f7f47110eaeebd9b006c25a24bdde2099bd6475ce7f565579
63ced1bd536c93c969c9f838f131ac5391c1e3d58c48481f2ef71b553581ef42
6452632e0809dc55545230ae74ecce7fbf7dff3b8e5217a40ae9aa349ffe754f
659b00c8dbdc858debfe5f9f41ec76032c7aa04488221f6027933ea81be72ef5
666e1dd03b38a362a394ce48f249710f27c0d25f3abed7382bb81d2167757bf5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b92a8751cd899c494919ac63de48be431e96e3748fe3c2d656a11c37d6b41d7
6f30512918099b651f305fa9c9c508b9e10ba105f0e89d8ad6af79c19bea1a4e
6fb5831c785d0168112c1fbd798f5e3c1d517e9154037a806f3e78716a073654
74889fe974fb778a8fc0ab224e1fe77e3ff23cbdeb785d8d4aeca50331e80c67
74a0f7b7b1a43fc4397bf7aefc19396ccd770140e6af0ab2fe607ed3a5eab1fa
75f5930d88241952e87417c57e6b8507e2d2192c609e5c87d3c9aac1178c44ce
792e0406b3c8061ef7d9f3b83b69a71c44f9f8381895d60af165a919c1da55cb
804530b42c4a1c98f2e0d78d7b657a6fe8772afd6175a2a56353ca958cf1ec04
8232133e352057ada5295e01a5331a3bced99e86e8f163e75854301fe8c84a45
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
84e7dffb1f30b83c7f5bba270eab962804321446be09c916afe962b9667f68f5
8ba41f7a32e9dc3461105acd1061ad1f2cf47b7d498ce4780ede78e647a249aa
923a222677d5bcc0547e7fc333250d02efc1f59361aab30715090d4d2c95bb0a
942c7e43f93c0f8f7c1fc4a7123a4e7b827943e803a38f23d4bcb1c3187bdef5
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
96843e111f22b76006ae527ce1e7e40770c715a0c00cb8ab99c1824dd1f2e129
97f0fc9077ca0a5d3f08dd42db0a0a127b80635075614145ff2d5db334baf3b3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a6ef406ed57c90ef9395bd58fd35f80c39d27d47c01543b91fe6efbd63ebfe9
a32ba252306804a3704242406fd8d70fa1bf9f2c3ef4cb7009f742ec0e64d987
a5b778a74d933b8055cb72d4ae7b8c03081db05913f4c56b3c3b4e3bcf9c6824
a74e2de90134f5701a5aa677b8fe9123bfb2ccbbeafac17e613cf64d994d5c87
ab048b1dfad5fa4a3f3ed03f22852f6e23506da28c641164e50ba21c5d3c1c6f
ac6c1e00ead4a9f42ae231bbb76c6ce6bb0da60d47a2ec485e146714fd5eb05a
b22acb8a53f69a5efe42d7fe3b7fc7d40c238ac185a79de021ee9bcede2dd2d4
b82da7eedbeec3f8882db8678b3ed0203cc3d289ba7d55f5ef5ac34ff1fe7267
c0a177730664a02710981330dacbe32e843153f32945016aa1e7b377ed4f9819
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
c2de89470c044e0860d1605fe0125f65c17f39337430625ff823773d0341f8cf
c3148c885d31849c2f4bcd7ffd027d6e54b48f24d3563b9d26da28fdf149cf94
c615834e388ee114355fa1eb0e353d59bc41b929bcc77552cae19ae4eecc0a0c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc81bc53c42dfa7b245db0c9dd762fdae158696447473aa9d96a3234f0ae4224
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bbfeccebc672bb797c6e8e4c071baf2828129aeebcf48d68bb14057b7ab0fa
d267852c4610aedb80bb45cfd7aa46a208db4020f6310eefa7c45c3849b0ecf3
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10
da17d99d56c61ad80a802664c2c6a262c73471927afdee1c9181d6a72a7ae0f0
db19a20a4f38fc3a68afe595388f29b42587ce4e74bd4cb1d3a9f65972c28ea6
dbcef97c1a8f97c694476c4edf72eb5fc0d84331126bf8220f3e3a5352686658
dc08e3ae4d5ca5ceacf0011a84234111b2d5f7bdf186d030ffa3d817aa6cdf42
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fd2925de57469dcf43d697e3862fb6c7d8fcc6bf18cc5cc672c636265203ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
e79f4f9f6aae9312b88f53cc5460fdbce381b65af4afc3efc780efe69cd2dd36
e96b558c02041fe94c15887549e5132e08e027e9081779b654570236ac38c6ca
f007264e45ea5880d979fdd40197b3a5e90f1d73aaa80517002d33866f6e9689
f65329a3db68a68c542fe17485430268a4f86882c6e579344e42a862d43ef2b8
faaea6c49a36911019be9023e8ebc54cf3b95149dcb5f17fa71a02ab6fb03558
fed4700f4f76da1d8459e06c3a314aa668153786615670cbf031e836f9f415d1
ff9dedfdc5dfae12fe0ba4d19c5634a4d8c26676a341421e342c7bad5bc0f65f

www.tomsguide.com Open in urlscan Pro 199.232.198.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

42 %IPv6

18 Domains

28 Subdomains

25 IPs

4 Countries

1775 kBTransfer

7018 kBSize

19 Cookies

30 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tomsguide.com Open in urlscan Pro
199.232.198.114 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

42 %
IPv6

18
Domains

28
Subdomains

25
IPs

4
Countries

1775 kB
Transfer

7018 kB
Size

19
Cookies

101 HTTP transactions
0 data transactions