www.techrepublic.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://enews.techrepublic.com/ct/55670964:WTx3WW-Nb:m:1:2276723787:E2626229E07E9757EB70A5AF458366C2:r
Effective URL:
https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=...
Submission: On July 10 via api (July 10th 2020, 5:35:15 am UTC) from US

Summary HTTP 197 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 23 domains to perform 197 HTTP transactions. The main IP is 2a04:4e42:1b::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.techrepublic.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on August 12th 2019. Valid for: 2 years.

This is the only time www.techrepublic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.32.196.103 52.32.196.103	16509 (AMAZON-02) (AMAZON-02)
27	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
31	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::645	54113 (FASTLY) (FASTLY)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
2	104.109.77.38 104.109.77.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	64.30.230.22 64.30.230.22	6623 (CBSI-1) (CBSI-1)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	72.247.178.11 72.247.178.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	72.247.178.19 72.247.178.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2.21.38.40 2.21.38.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	104.108.48.175 104.108.48.175	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	52.16.26.2 52.16.26.2	16509 (AMAZON-02) (AMAZON-02)
3 3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
12	172.217.7.99 172.217.7.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
197	28

1 52.32.196.103 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

enews.techrepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)

www.techrepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:19a::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd30b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
685d5b1b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)

urs.techrepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.77.38 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.30.230.22 (Fremont, United States)

ASN6623 (CBSI-1, US)

dw.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ddd9ec815e4c46b8b477710e43fde3bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.178.11 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.178.19 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)

kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.21.38.40 (France)

ASN20940 (AKAMAI-ASN1, EU)

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.48.175 (Netherlands)

ASN16625 (AKAMAI-AS, US)

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.26.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.7.99 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

28135b6b4edfdc2066177db53e9bcd71.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com ddd9ec815e4c46b8b477710e43fde3bf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 28135b6b4edfdc2066177db53e9bcd71.safeframe.googlesyndication.com	586 KB
34	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	394 KB
25	cbsistatic.com tr1.cbsistatic.com tr3.cbsistatic.com tr4.cbsistatic.com tr2.cbsistatic.com	452 KB
20	ampproject.org cdn.ampproject.org	431 KB
17	gstatic.com fonts.gstatic.com csi.gstatic.com	55 KB
16	moatads.com z.moatads.com geo.moatads.com px.moatads.com	753 KB
10	googletagservices.com www.googletagservices.com	268 KB
6	cookielaw.org cdn.cookielaw.org	116 KB
5	google.com 3 redirects adservice.google.com www.google.com	474 B
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	94 KB
3	go-mpulse.net c.go-mpulse.net	53 KB
3	cbsi.com production-cmp.isgprivacy.cbsi.com at.cbsi.com Failed dw.cbsi.com rev.cbsi.com	13 KB
3	techrepublic.com 1 redirects enews.techrepublic.com www.techrepublic.com urs.techrepublic.com	198 KB
2	nr-data.net bam.nr-data.net	462 B
2	akstat.io 684dd30b.akstat.io 685d5b1b.akstat.io	722 B
2	tiqcdn.com tags.tiqcdn.com	41 KB
1	google.de adservice.google.de	168 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	google.fr adservice.google.fr	887 B
1	onetrust.com geolocation.onetrust.com	515 B
197	23

	Domain	Requested by
31	securepubads.g.doubleclick.net	tr4.cbsistatic.com securepubads.g.doubleclick.net www.techrepublic.com www.googletagservices.com
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.techrepublic.com cdn.ampproject.org tpc.googlesyndication.com
20	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
12	csi.gstatic.com	cdn.ampproject.org securepubads.g.doubleclick.net
10	www.googletagservices.com	www.techrepublic.com securepubads.g.doubleclick.net rev.cbsi.com
9	tr1.cbsistatic.com	www.techrepublic.com tr2.cbsistatic.com tr4.cbsistatic.com
7	px.moatads.com
7	pagead2.googlesyndication.com	www.techrepublic.com securepubads.g.doubleclick.net
7	z.moatads.com	www.techrepublic.com securepubads.g.doubleclick.net
7	tr4.cbsistatic.com	www.techrepublic.com tr2.cbsistatic.com
6	cdn.cookielaw.org	www.techrepublic.com cdn.cookielaw.org
5	fonts.gstatic.com	www.techrepublic.com
5	tr3.cbsistatic.com	www.techrepublic.com tr2.cbsistatic.com
4	tr2.cbsistatic.com	www.techrepublic.com tr2.cbsistatic.com
3	googleads.g.doubleclick.net
3	www.google.com	3 redirects
3	fonts.googleapis.com	confiant-integrations.global.ssl.fastly.net
3	confiant-integrations.global.ssl.fastly.net	tr4.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	c.go-mpulse.net	www.techrepublic.com c.go-mpulse.net
2	geo.moatads.com	z.moatads.com
2	bam.nr-data.net	js-agent.newrelic.com www.techrepublic.com
2	tags.tiqcdn.com	tr2.cbsistatic.com tags.tiqcdn.com
2	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com
1	28135b6b4edfdc2066177db53e9bcd71.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	www.googletagservices.com
1	rev.cbsi.com	www.techrepublic.com
1	fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	685d5b1b.akstat.io	c.go-mpulse.net
1	js-agent.newrelic.com	www.techrepublic.com
1	684dd30b.akstat.io	www.techrepublic.com
1	ddd9ec815e4c46b8b477710e43fde3bf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	dw.cbsi.com	tags.tiqcdn.com
1	urs.techrepublic.com	tr2.cbsistatic.com
1	vidtech.cbsinteractive.com	tr2.cbsistatic.com
1	adservice.google.fr	securepubads.g.doubleclick.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	production-cmp.isgprivacy.cbsi.com	www.techrepublic.com
1	www.techrepublic.com
1	enews.techrepublic.com	1 redirects
0	at.cbsi.com Failed	www.techrepublic.com
197	43

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
flipboard.com
academy.techrepublic.com
www.cnet.com
japan.techrepublic.com
tr2.cbsistatic.com
www.android.com
www.zdnet.com
research.checkpoint.com
threatpoint.checkpoint.com
developer.android.com
fileinfo.com
cbsi.secure.force.com
www.cbsinteractive.com
ca.privacy.cbs
legalterms.cbsinteractive.com
privacy.cbs
onetrust.com

Subject Issuer	Validity	Valid
*.techrepublic.com DigiCert SHA2 High Assurance Server CA	`2019-08-12` - `2021-06-07`	2 years	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
sni9451gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-07` - `2021-05-12`	a year	crt.sh
*.isgprivacy.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-10-14`	2 years	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.fr GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.cbsi.com DigiCert SHA2 High Assurance Server CA	`2017-11-07` - `2021-02-04`	3 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-29` - `2021-05-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
www.cbs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-07-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Frame ID: 98A54E52EA02B6B027A21E755A5234A8
Requests: 76 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/5VS23-BHL36-JUED4-78U6Z-ZT97H
Frame ID: 385536C21B903D9805DDE3D57B97B396
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspkMD_Q12h9ZjqKsLlEWwD8D0rmZWBIw4URIO91eWzaSdY2pMpFqeWztAKbeKjXEyQ4-gREf1YmjKQx1mblNswIoU29nHt0v0LLCuu-HDLjALgd1lRPOIVGwPnYxatNKoNCF1ynCpbv7yUTB2fFzJUWGSd_NgCHCIA617vFyZ2XZd43q491nZtTrhfxXGyOaCG3sP392hBzWME3SiFkM5fgPn1vj4P3j7UrhuiBIlerFsrsAuD82Cz2qEY008KJd9Yb3iI90SdYCdxg1kn2ocEFUZPrDo&sai=AMfl-YTDRDAF-FcPG5Uo3FO4ZgpdQTeziOX4DsnYMNTPg1AAh-gm69jy10gvIZLpGDRyYikK8zJGFrRpWbQhuoCR6bTD6njwllWKtDLwD9tNLA&sig=Cg0ArKJSzLEKTlJvUVJjEAE&urlfix=1&adurl=
Frame ID: 46C4849B62EB9B7A841F37563AE93955
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js
Frame ID: 0A03DDA226FA50CFAB0AFE465702760D
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js
Frame ID: EE543BC6DFB18A3B24FAE4D93FFC9719
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js
Frame ID: 8574528D4EFE31C0D2E9D7EFDA8F58D0
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js
Frame ID: 11014A9DE0880F5BDFD00FE1B4EA0D87
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRYPePc0Q6dUsdLHvU6ed9ZXPqKWcXo_A3lREsteRoaXy7zd-lUqKz10ijz5zyooX-quKaWNTf86OdmWMUfcbXKj3FZV7JDNpnQmT59sKeecUX0RQF_iMLedg4OGWlVsl121RHee6iDvSdxBETrIBbSx0EJXndtX8rEYy9HAfCFuGlKUO2Ap1FSh7nVFLVJgDasLHu70Lp7jJBy_4Q_9tU4SVEgb0f-OEEkDmm6tCzvj_9OSsmc4j_OlT_sY_RmcUju4De83pdMkHmmUu10hm3pBQhbK4&sai=AMfl-YR7k_6k-sQskyS4STkNkZOJbMlUsKD-tARtl8sLFPXRZWoqXO-bv-y9TICtO-X4CF6esc8wySKoKhMOv_cDxLbgT1j-PJ6MUzpGMgHFvg&sig=Cg0ArKJSzBkTXXCKQbFwEAE&urlfix=1&adurl=
Frame ID: 86DE3536393AC20E413F11EDC4AE5547
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzC3OdbwJudriIVVm2p9ljOgruJ6RPPAF8LsRb6yEDA0pYs3RLj7rUknyzEnI97eauqzqjiSIJNsBuoHYN-5FUfz0xWCVMJo4gFzmvxf_EszdMGaZSym0NudaszMQ1dhUuHB6UoxmQ_hihN991C-hZQXEdJCSJST-xFFqXXVEfgQGNos6FgxZqja_hGpy0h9Ll7Opw__XJ9W83upfwgI-VDV6GtudczF5dGCO064S_GdOIY3aFiyi7AGGouW_W0l3mVeoCoERQj7_LWySXgaIJ3EmPCuQ&sai=AMfl-YTw-n_391V7dqTtRPLUQTeS1lh2TfySFtYc6-olaQyUMboeiR4FV8WTAXnmykpkf4ulVKFWu9pKHw2Z_1KHlJMMdFJSnXIksnYoUzE6QA&sig=Cg0ArKJSzJmmZst6DTGNEAE&urlfix=1&adurl=
Frame ID: F996987DFDC0509722197CB009C79777
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZO-_ecRh7E8Istxf9VVuN7d65KYUDAuOrO5OxFb4-pqjnwtFoTi9RgS_dbvFRLNhuUeFnPFnCQRTTSdJtwoGXuUR4BFkJYSiHFYIFV0OgE79x2GcR56niv4GykMhbC0ZBI73VkKIuV5zgg8kXyBOuMl0UYNoWcmVEVapGdUrm0eV2u_94QVSfGftbZY_6bIur0lNiH49n4HCXdZt3wncpRGXnIAwbADw6vvIKNt8ecM_2SyQT8IW2NB8ul1frDdASh1KIz6KtCBm7rxj-TLQgzRiVdLE&sai=AMfl-YRe8-ODsMWsCGN6uvn27jHkwbUbFWJ9zlJzPNzo7VVBcSYVlTbH-_1i3d0R4xIT6szWSzTxpDr8f_hYELZ0phMMEZy1hZnXPNXy2G88mA&sig=Cg0ArKJSzDMlpoWmDHjBEAE&urlfix=1&adurl=
Frame ID: B85F5BFD9535422F00BA633A9A8DD2D2
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR0Dr5rc29-KZ23YupsKXv27LMqCBpoahAIjROj-AieGH_LtdAOn-DyBUR2C2heVZOHC1StFzWifqacSsBUqABp2BwoqL4PxQj66qlNnwEGqEEj3w9QbnkiO59eS4dnUU4MHy_DjFbsjausWN0FpHdzP1R5-UjEauaBli6_XR4d6senKMVbrNTc3vTq75PB-AZ4r76IAYMWNbzQGHsIUkT9WZEpmXBFD_jlAdBcXo_7db9FaI2LlxPqFp0axS4AED194acfQ0NAwE0gUUNYLLP2kbiavc&sai=AMfl-YSvyroUALoEMhB6knaXAOgyUeP6VDl6NaLz7n0RtWEMCCnaGVig6k8j15mUpbnbzNe4sn9y2WNARzueCpMqoXIrK6zRSLcan0agot8icA&sig=Cg0ArKJSzJW5bdWnrRSrEAE&urlfix=1&adurl=
Frame ID: 17ACE4C435588B8EB17BCC8066E5F97B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 95238B5B72FD8AC090EEB29ED8300B65
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNB6_gTmRdZnH1FOr5EIowejAwgltckhe96rreIB4rFcxLl1tM6ESNG2hOJ61MMGvHub9EDtPZxqE1VanIEKEPvLD19HXSoGK2noo875ALcYvQtwneClxkyXVtE5730pnJh2ysn5NOTGJVCg2zaAKaZ1n-5DSfRNXZNzsJQz2PLrRfz9-WWaq2jZDfFTZH6zo5U02QzRPHFOWINNNNN8Zo_GhwzDMvAL37IXg0iusHBrDpBNn5B3a9M4GvYh8rY176x4WK6_kirZFfgKb2H6cXJLQ7eFY&sig=Cg0ArKJSzFJWFUcPpb9yEAE&urlfix=1&adurl=
Frame ID: 9532677FB2EA8F78462973D35F4B3595
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZCfQ5TLbLDwKKHWVlqlgO863jDL3VXuKJct3mHCBaPgu3bNufhSyiQKBZbQie3CitQx5IeuRuvXs0yzENKChmN4_-irXls1haJBf3rVbQd3nHrKn-PAl3q0AlpUMupMZoB5TjzKxPndGowyXhUdAZnYph_bG11AcudbK7O9fxT5xQX6Oc25lBpndvcjXcnKJ7ehRodEDjJm1mFppt_xKbuU7Xwq0orzzA5mJfkS9wgc3GPfQRgh0Atacmob3bcFp22aNyf86jZEzwUs5vMQynMxJ7cIc&sig=Cg0ArKJSzOww6qKi4FO_EAE&urlfix=1&adurl=
Frame ID: 02C204ADAA704222660E76CBE3957F70
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: CEA5FA8CE5C41D6FB589E5732736D5CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://enews.techrepublic.com/ct/55670964:WTx3WW-Nb:m:1:2276723787:E2626229E07E9757EB70A5AF458366C2:r HTTP 302
https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-an... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Page Statistics

197
Requests

99 %
HTTPS

55 %
IPv6

23
Domains

43
Subdomains

28
IPs

6
Countries

3751 kB
Transfer

10736 kB
Size

19
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/techrepublic
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TechRepublic
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/techrepublic
Title:

Search URL Search Domain Scan URL

URL: https://flipboard.com/@TechRepublic
Title:

Search URL Search Domain Scan URL

URL: https://academy.techrepublic.com/
Title: TechRepublic Academy

Search URL Search Domain Scan URL

URL: https://www.cnet.com/best-vpn-services-directory/
Title: Best VPN Services

Search URL Search Domain Scan URL

URL: https://japan.techrepublic.com/
Title: Japan

Search URL Search Domain Scan URL

URL: https://tr2.cbsistatic.com/hub/i/r/2016/07/28/52fc481d-c0b7-4b50-96da-12c2dcbf2fa1/resize/770x/9b65fbbed8c1d52f7a873f4a45ec5a31/shield.jpg

Search URL Search Domain Scan URL

URL: https://www.android.com/play-protect/
Title: Google Play Protect

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/google-details-its-fight-against-the-bread-joker-malware-operation/
Title: the Joker malware

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/
Title: blog post published Thursday

Search URL Search Domain Scan URL

URL: https://threatpoint.checkpoint.com/ThreatPortal/threat?threatType=malwarefamily&threatId=7485
Title: Joker

Search URL Search Domain Scan URL

URL: https://developer.android.com/reference/android/service/notification/NotificationListenerService
Title: Notification Listener service

Search URL Search Domain Scan URL

URL: https://fileinfo.com/extension/dex
Title: dex file

Search URL Search Domain Scan URL

URL: https://developer.android.com/guide/topics/manifest/manifest-intro
Title: Android Manifest File

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/article/simple-security-step-by-step-guide/
Title: Online security 101: Tips for protecting your privacy from hackers and spies

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/all-the-vpn-terms-you-need-to-know/
Title: All the VPN terms you need to know

Search URL Search Domain Scan URL

URL: https://flipboard.com/@techrepublic/cybersecurity-and-cyberwar-r36o4ug0z
Title: Cybersecurity and cyberwar: More must-read coverage

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/user?screen_name=lancewhit
Title:

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/topic/security/
Title: Security on ZDNet

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=techrepublic.com
Title: Site Help & Feedback

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/techrepublic/terms-of-use
Title: TR Premium Terms of Service

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/
Title: CA Privacy/Info We Collect

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/donotsell
Title: CA Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: https://www.zdnet.com/
Title: A ZDNet site

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://privacy.cbs/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://enews.techrepublic.com/ct/55670964:WTx3WW-Nb:m:1:2276723787:E2626229E07E9757EB70A5AF458366C2:r HTTP 302
https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6o6me7m8 HTTP 302
https://kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 64

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6o6me7m8 HTTP 302
https://fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

197 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/
Redirect Chain

http://enews.techrepublic.com/ct/55670964:WTx3WW-Nb:m:1:2276723787:E2626229E07E9757EB70A5AF458366C2:r
https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=227672...

533 KB
147 KB

340ms
325ms

Document
text/html

2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

227d46d5d0e9b02acf34ae5a64f5838370cd16503ee5d367a36792d3f02316fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .techrepublic.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.techrepublic.com
:scheme: https
:path: /article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.techrepublic.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://techrepublic.report-uri.com/r/d/ct/reportOnly"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 7bbd9f21-1fbc-40ca-b1b1-a3c4acd2c5bf
x-xss-protection: 1; mode=block
date: Fri, 10 Jul 2020 05:34:56 GMT
via: 1.1 varnish
cache-control: max-age=900, private
expires: Fri, 10 Jul 2020 05:49:56 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.techrepublic.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.techrepublic.com; Secure; fly_edition=us; path=/; domain=.techrepublic.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes

Redirect headers

Date: Fri, 10 Jul 2020 05:34:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 299
Connection: keep-alive
Set-Cookie: AWSALB=TF3cy+6Vf8ryp27Wx05g0bfYXaNnZBVv8qQwRU/HuaZS8L0kqmFc8LwRWooCtVBI6Sg1vfS9vTGxq1RNnf7Q+fNSe147kXzOdVra6qndaMizyA3teStn75838YSo; Expires=Fri, 17 Jul 2020 05:34:56 GMT; Path=/ AWSALBCORS=TF3cy+6Vf8ryp27Wx05g0bfYXaNnZBVv8qQwRU/HuaZS8L0kqmFc8LwRWooCtVBI6Sg1vfS9vTGxq1RNnf7Q+fNSe147kXzOdVra6qndaMizyA3teStn75838YSo; Expires=Fri, 17 Jul 2020 05:34:56 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Pragma: no-cache
Location: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Content-Encoding: gzip

GET
H2 200 main-0b3895b967-rev.css
tr1.cbsistatic.com/fly/css/ 92 KB
16 KB 24ms
7ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/fly/css/main-0b3895b967-rev.css

Requested by

Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f97f3601c96e204f96d414a803aaf09390f2291c8381ca6fef34eb3d76aa3194

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52015
status: 200
vary: Accept-Encoding
content-length: 16351
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 15:07:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "3acc64ed42da8a964fef89d04b5ebbcf"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 15:08:00 GMT

GET
H2 200 main.misc-77020730c1-rev.css
tr3.cbsistatic.com/fly/css/ 172 KB
27 KB 23ms
7ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr3.cbsistatic.com/fly/css/main.misc-77020730c1-rev.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

edaab4d4a6fcca292723f2f96300dc5ace4c046680d6007378d7f2998470cddd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52016
status: 200
vary: Accept-Encoding
content-length: 26747
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 15:07:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2eebc2ecaebe588f40604fc454b5a6a2"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 15:08:00 GMT

GET
H2 200 main.tablet-cb416df56c-rev.css
tr3.cbsistatic.com/fly/css/ 86 KB
14 KB 23ms
7ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr3.cbsistatic.com/fly/css/main.tablet-cb416df56c-rev.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a900272a359e408b6d95dc61ed3ce2920822e763766b204b89950ce53226c0f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52015
status: 200
vary: Accept-Encoding
content-length: 14147
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 15:07:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5bd9ee1890ae5fecdfffa2ed9a794ef2"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 15:08:00 GMT

GET
H2 200 main.desktop-722371f259-rev.css
tr4.cbsistatic.com/fly/css/ 13 KB
3 KB 22ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr4.cbsistatic.com/fly/css/main.desktop-722371f259-rev.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

572dddc75aa1e04f4be523bd2fea4509c9125c31bfe44809e681c42114047e55

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425994
status: 200
vary: Accept-Encoding
content-length: 3109
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jul 2020 09:43:13 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "935bd82a454f476e1cbfd3cfcbde25c3"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jul 2020 07:15:01 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 11 KB
4 KB 28ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE8) /
Resource Hash: 6540d56fd6180a6d3f1346781e0311261b40a7de2b9fea215a8825517b40ddc7

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
content-md5: yt5mIkfCMzmELSlUKluhfg==
age: 2956
x-cache: HIT
status: 200
content-length: 3722
x-ms-lease-status: unlocked
last-modified: Fri, 10 Jul 2020 04:11:01 GMT
server: ECAcc (frc/8FE8)
etag: 0x8D8248742012D3C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 729fc9b7-001e-0012-2b74-56ecfa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 10 Jul 2020 09:34:56 GMT

GET
H2 200 optanon.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 35 KB
10 KB 38ms
7ms Script
application/x-javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57f3f0379ec83f9bed92275bbd303a4eb7eb67a7d6b10599183695173c41a3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2536
x-cache: HIT
status: 200
x-cache-hits: 116
vary: Accept-Encoding
content-length: 10092
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4063-HHN
access-control-allow-origin: *
last-modified: Fri, 12 Jun 2020 13:29:10 GMT
x-timer: S1594359297.697377,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "8e9faa49cc6bfa03cb9e6fb89f81ef59"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-amz-id-2: Sr6UFXbML3nkbPkm+MIRq7xZ5ZknmzJq69va2xQbUd9mfbJAm38rCWEwC53IgkjrjMcvPB5XFpY=

GET
H2 200 print-35c0da76c0-rev.css
tr4.cbsistatic.com/fly/css/ 835 B
549 B 6ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr4.cbsistatic.com/fly/css/print-35c0da76c0-rev.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

161fe98735c6cc12d686fc19f89c2d02b2eebae4338c676bf6373c58297cdcf4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77367
status: 200
vary: Accept-Encoding
content-length: 426
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Jul 2020 16:09:44 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "8e5d966ddac5b1c94172b9f5fbacd462"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 08:05:29 GMT

GET
H/1.1 200
OK 5VS23-BHL36-JUED4-78U6Z-ZT97H Show response
c.go-mpulse.net/boomerang/ Frame 3855 202 KB
51 KB 21ms
9ms Script
application/javascript 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/5VS23-BHL36-JUED4-78U6Z-ZT97H
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:56 GMT
Content-Encoding: br
Last-Modified: Thu, 25 Jun 2020 13:45:18 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51580

GET
H2 200 5aadd76a-f99c-41aa-9573-8f1b7934a123.json Show response
cdn.cookielaw.org/consent/5aadd76a-f99c-41aa-9573-8f1b7934a123/ 3 KB
2 KB 27ms
9ms XHR
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/5aadd76a-f99c-41aa-9573-8f1b7934a123/5aadd76a-f99c-41aa-9573-8f1b7934a123.json
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD2) /
Resource Hash: 6397700e63543c0ccfacccf43c655892094aca94cf93587a9c7120f8eb9b9936

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
content-md5: p5ENDcfHObafs0/q1uNOpw==
age: 9542
x-cache: HIT
status: 200
content-length: 1150
x-ms-lease-status: unlocked
last-modified: Tue, 09 Jun 2020 04:24:09 GMT
server: ECAcc (frc/8FD2)
etag: 0x8D80C2CF498B4CF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 00e6890a-101e-0164-4565-562e13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 10 Jul 2020 09:34:56 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
515 B 29ms
15ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5b07eb24ac57c272-FRA
cf-request-id: 03d8d14ae40000c272a204b200000001

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 icon-user-default.png
tr2.cbsistatic.com/fly/bundles/techrepubliccss/images/ 519 B
635 B 7ms
5ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr2.cbsistatic.com/fly/bundles/techrepubliccss/images/icon-user-default.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

bc6fff8a72a1842c55fbc0b04071707e301440cf81ec7c0885c43102dac7fc3e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
x-content-type-options: nosniff
age: 860075
status: 200
strict-transport-security: max-age=31536000
content-length: 519
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 29 Jun 2020 14:06:24 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jul 2020 06:40:17 GMT

GET
H2 200 shield.jpg
tr2.cbsistatic.com/hub/i/r/2016/07/28/52fc481d-c0b7-4b50-96da-12c2dcbf2fa1/resize/770x/9b65fbbed8c1d52f7a873f4a45ec5a31/ 55 KB
55 KB 8ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr2.cbsistatic.com/hub/i/r/2016/07/28/52fc481d-c0b7-4b50-96da-12c2dcbf2fa1/resize/770x/9b65fbbed8c1d52f7a873f4a45ec5a31/shield.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d05c36f2fc68e5cdd1c1c186ec4ea02209501e1c563f5b11b91fb6d09e7deb6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
x-content-type-options: nosniff
age: 58276
status: 200
strict-transport-security: max-age=31536000
content-length: 56672
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Nov 2016 18:51:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "582b5932-dd60"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 article-NLSthumb.jpg
tr4.cbsistatic.com/fly/bundles/techrepubliccss/images/ 5 KB
5 KB 6ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr4.cbsistatic.com/fly/bundles/techrepubliccss/images/article-NLSthumb.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0e0ea6c495ef5a44d853783c31b1b1f1ada6fa54df27cab850f587fd15eca6b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
x-content-type-options: nosniff
age: 721012
status: 200
strict-transport-security: max-age=31536000
content-length: 5345
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Jul 2020 15:55:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jul 2020 21:18:02 GMT

GET
H2 200 require-2.1.2.js Show response
tr2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46347
status: 200
vary: Accept-Encoding
content-length: 6167
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 15:14:01 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "98d8ad5a8e7f097ccb640d541dcae7a5"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 16:42:28 GMT

GET
H2 200 ico-list-arrow.png
tr3.cbsistatic.com/bundles/techrepubliccss/images/ 3 KB
3 KB 7ms
5ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr3.cbsistatic.com/bundles/techrepubliccss/images/ico-list-arrow.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

39582802ae719b7643253ccd2cb591cf7af829810d8e4254285a2c1754ad6309

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tr3.cbsistatic.com/fly/css/main.misc-77020730c1-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20609571
status: 200
vary: Accept-Encoding
content-length: 2862
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Nov 2019 16:15:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "bd400b631ef2d6a9d935d679e13b53a4"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
expires: Thu, 21 Nov 2019 16:42:03 GMT

GET
H2 200 Regular.woff2
tr1.cbsistatic.com/bundles/techrepubliccss/fonts/Proxima%20Nova/ 20 KB
20 KB 25ms
11ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/bundles/techrepubliccss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tr1.cbsistatic.com/fly/css/main-0b3895b967-rev.css
Origin: https://www.techrepublic.com

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
x-content-type-options: nosniff
age: 20609570
status: 200
strict-transport-security: max-age=31536000
content-length: 20256
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Nov 2019 16:15:06 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "2d636d9395b2da27ce67040250333ca4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
expires: Fri, 13 Nov 2020 16:42:03 GMT

GET
H2 200 Bold.woff2
tr1.cbsistatic.com/bundles/techrepubliccss/fonts/Proxima%20Nova/ 20 KB
20 KB 25ms
12ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/bundles/techrepubliccss/fonts/Proxima%20Nova/Bold.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

190c76b7dfa194f92a1cf47e3cbee1f291554f583d9e21e31b79af0f9a9b34b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tr1.cbsistatic.com/fly/css/main-0b3895b967-rev.css
Origin: https://www.techrepublic.com

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
x-content-type-options: nosniff
age: 20609573
status: 200
strict-transport-security: max-age=31536000
content-length: 20392
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Nov 2019 16:15:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5ed65258519fe2c7c00912300061282d"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
expires: Fri, 13 Nov 2020 16:42:03 GMT

GET
H2 200 Light.woff2
tr1.cbsistatic.com/bundles/techrepubliccss/fonts/Proxima%20Nova/ 20 KB
20 KB 11ms
6ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/bundles/techrepubliccss/fonts/Proxima%20Nova/Light.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c3a24ee554eac3f45e56c23dbd2c6a00823b4f98fff5cd252715d1f818142dad

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tr1.cbsistatic.com/fly/css/main-0b3895b967-rev.css
Origin: https://www.techrepublic.com

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
x-content-type-options: nosniff
age: 20609571
status: 200
strict-transport-security: max-age=31536000
content-length: 20128
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Nov 2019 16:15:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "8b7a2ea3ead03ba763da54c65bc6975c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
expires: Fri, 13 Nov 2020 16:42:03 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.1.0/ 316 KB
70 KB 7ms
6ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.1.0/otBannerSdk.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FB5) /
Resource Hash: 0919fc027e18a6e553180a7e7e9b814c1850a60c621ab42105cd70d26254b8f5

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
content-md5: 4+W5NQy0P50sOIKVOzaMBA==
age: 12122
x-cache: HIT
status: 200
content-length: 71669
x-ms-lease-status: unlocked
last-modified: Wed, 10 Jun 2020 06:38:27 GMT
server: ECAcc (frc/8FB5)
etag: 0x8D80D08E2143A37
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9006dda0-701e-0059-435f-56dd60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 10 Jul 2020 09:34:56 GMT

GET
H2 200 main.init.js Show response
tr4.cbsistatic.com/fly/73deea-fly/js/ 613 KB
189 KB 13ms
12ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr4.cbsistatic.com/fly/73deea-fly/js/main.init.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2c3330d2774f089f33edb37170c77ef64b236b2f6e00e472b1422a8225eaf18f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52015
status: 200
vary: Accept-Encoding
content-length: 193776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 15:06:56 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a44c76411c78075e65c96816c9840750"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 15:08:01 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 3855 2 KB
1 KB 32ms
32ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=5VS23-BHL36-JUED4-78U6Z-ZT97H&d=www.techrepublic.com&t=5314531&v=1.632.0&if=&sl=0&si=bniawl5cf9d-qd8ni9&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/5VS23-BHL36-JUED4-78U6Z-ZT97H
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 588cac589fa007ea48c7954fcfde382c9c6de0169c1158fc8ae744f800c25c5d

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 745

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5aadd76a-f99c-41aa-9573-8f1b7934a123/bac19328-3673-4434-b575-5b669b4d361d/ 80 KB
16 KB 7ms
6ms Fetch
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/5aadd76a-f99c-41aa-9573-8f1b7934a123/bac19328-3673-4434-b575-5b669b4d361d/en.json
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAE) /
Resource Hash: abc5312afb9fd731268eae611e7cff62d567ec02f26723e87538f28aadd8ea03

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
content-md5: OvUc4QJbQ8RYF6Epw5aoAQ==
age: 6914
x-cache: HIT
status: 200
content-length: 16337
x-ms-lease-status: unlocked
last-modified: Tue, 09 Jun 2020 04:26:15 GMT
server: ECAcc (frc/8FAE)
etag: 0x8D80C2D3FE2D520
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d2d946de-201e-00eb-056b-56261a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 10 Jul 2020 09:34:56 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.1.0/assets/ 23 KB
4 KB 7ms
6ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.1.0/assets/otFlat.json
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC3) /
Resource Hash: 70c7abf6a00d9a1e7de179920643da04a08375e0f85121a9bed54bd198492fc2

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
content-md5: lxLj8hMF9JHC0LI5wNpNBQ==
age: 12120
x-cache: HIT
status: 200
content-length: 3717
x-ms-lease-status: unlocked
last-modified: Wed, 10 Jun 2020 06:38:22 GMT
server: ECAcc (frc/8FC3)
etag: 0x8D80D08DEBE535E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 58dfd3cf-d01e-011f-225f-5645a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 10 Jul 2020 09:34:56 GMT

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.1.0/assets/ 99 KB
20 KB 7ms
7ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.1.0/assets/otPcPanel.json
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F16) /
Resource Hash: b68d61de8571012250b06877ff8e50ca37e67f932c8a2e8a20a5bf6752e7db0d

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Jul 2020 05:34:56 GMT
content-encoding: gzip
content-md5: dr9rzID+WaRhu10/fOukvg==
age: 12071
x-cache: HIT
status: 200
content-length: 20480
x-ms-lease-status: unlocked
last-modified: Wed, 10 Jun 2020 06:38:22 GMT
server: ECAcc (frc/8F16)
etag: 0x8D80D08DF211F7C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c6063c01-101e-012b-705f-56ea0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Fri, 10 Jul 2020 09:34:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 49 KB
17 KB 84ms
34ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tr4.cbsistatic.com
URL: https://tr4.cbsistatic.com/fly/73deea-fly/js/main.init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

af1a741fc9062193a8e573fe300349234ee37608a9d4b55c0fddcf84da81e095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "566 / 873 of 1000 / last-modified: 1594332564"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16536
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:57 GMT

GET diff
at.cbsi.com/lib/api/v1/techrepublic/prod/config/ 0
0

GET
H2 200 mpulse-1.0.2.js Show response
tr1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156334
status: 200
vary: Accept-Encoding
content-length: 12447
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Jul 2020 08:15:16 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "90c6f7524b82acf72ff66b957991277d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 10:09:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 109 B
887 B 29ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.techrepublic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.techrepublic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020070801.js Show response
securepubads.g.doubleclick.net/gpt/ 249 KB
89 KB 33ms
32ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Jul 2020 15:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90527
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:57 GMT

GET
H2 200 article-547ccb82f4-rev.js Show response
tr4.cbsistatic.com/fly/js/pages/ 184 KB
50 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr4.cbsistatic.com/fly/js/pages/article-547ccb82f4-rev.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a84cf74b7366809def61995cb21c8b04feb257ba760c71e72f8d324a4e89fdac

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300815
status: 200
vary: Accept-Encoding
content-length: 50312
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Jul 2020 18:00:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "067db8147517918630c9bd63a1da20f8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jul 2020 18:01:19 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 36ms
35ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=5VS23-BHL36-JUED4-78U6Z-ZT97H&t=1594359297087&s=3021a824a6aa9e0407cabfc4d79a582fe2bc16222f831c32b1be9062012c2d0c
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 4ca1a818d5802021ac0fb5f68526dadfdf5492d53875c113aafb7a5f981f3c69

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 746

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 34ms
7ms Script
application/javascript 2a04:4e42:1b::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
age: 3023291
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: 8UORyW313Zb4hrfwIgPIfjtyRjNtTaFEEHTukmzWpKOsBkU2YmAxO/v1Tik/1AhxDsjapcfZPYE=
x-served-by: cache-dca17760-DCA, cache-hhn4041-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1594359297.144016,VS0,VE0
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: ABE219859173EF71
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 17

GET
H2 200 urs.js Show response
urs.techrepublic.com/sdk/ 50 KB
50 KB 182ms
130ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.techrepublic.com/sdk/urs.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=4096; includeSubDomains

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=4096; includeSubDomains
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/ 150 KB
41 KB 106ms
39ms Script
application/x-javascript 104.109.77.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js
Requested by: Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 89bed39d704b053ce1d89b30eddc2c826c544e702c15de25a1e9ab03812c9450

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
last-modified: Fri, 19 Jun 2020 18:14:47 GMT
server: AkamaiNetStorage
etag: "3051f3383cc276bbcd4e49e111ae9ade:1592590487.30932"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
expires: Fri, 10 Jul 2020 05:39:57 GMT

GET
H2 200 disqus-count-1.0.js Show response
tr3.cbsistatic.com/fly/bundles/flyjs/js/components/ 2 KB
859 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr3.cbsistatic.com/fly/bundles/flyjs/js/components/disqus-count-1.0.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a72aa163f673b0228fbee4e556096cbafa4f5c2fe68ec2080c30fff8daf3f6cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515574
status: 200
vary: Accept-Encoding
content-length: 713
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Jul 2020 09:43:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f270c7cd55a78e5e6b1532f2760a2e5e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jul 2020 06:22:03 GMT

GET
H2 200 dw-tracking-1.0.js Show response
tr4.cbsistatic.com/fly/bundles/flyjs/js/managers/ 7 KB
2 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr4.cbsistatic.com/fly/bundles/flyjs/js/managers/dw-tracking-1.0.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6d175b3cd7b7cf1c633fe5c90107f6a2444c4d764e34622d444c1dedfa901b77

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46345
status: 200
vary: Accept-Encoding
content-length: 1616
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 15:14:22 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "3a5ba2adf80be7cea3a31ee7fecf9b73"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 16:42:32 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 95 KB
22 KB 86ms
28ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: tr4.cbsistatic.com
URL: https://tr4.cbsistatic.com/fly/73deea-fly/js/main.init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88fd051c48a1844ab1f7f7aa4f9cbea14e4b94c9250f118cf2d370d387dc37bd

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:57 GMT
Content-Encoding: gzip
Age: 664
X-Cache: HIT
Connection: keep-alive
Content-Length: 22372
x-amz-id-2: yqYswDuELRoygC0+79rzttnzJN0lcORAGSpPijXkB028Am6vw+/1KCEI9kGLFqTy5SR1sbDUJpg=
X-Served-By: cache-hhn4045-HHN
Last-Modified: Fri, 10 Jul 2020 05:15:16 GMT
Server: AmazonS3
X-Timer: S1594359297.257690,VS0,VE0
ETag: "f9a86d42cb55b65e959b1cb8c30629e4"
x-amz-request-id: 3B573D6961992F15
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 6

GET
H/1.1 200
OK anonc.js Show response
dw.cbsi.com/ 73 B
620 B 525ms
166ms Script
application/javascript 64.30.230.22
CBSI-1

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/anonc.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1, US),
Reverse DNS
Software: Apache/2.4.25 /
Resource Hash: 225991462222110d933f2d36043f354bf36c05875b57b8dc5f932038edff857b

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:57 GMT
Server: Apache/2.4.25
Etag: ZMtU5l8H/gGVEUW8HsE.1.dw_anonc
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-control: private, max-age=43200, s-max-age=0
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=80, max=193
Content-Length: 73
Expires: Mon, 05 Jan 1970 12:12:12 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 36ms
36ms Script
application/x-javascript 104.109.77.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cbsi/techrepublicsite/202006191814&cb=1594359297312
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 10 Jul 2020 05:44:57 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202007081540/ 155 KB
49 KB 28ms
28ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0073631e3f8f4d541c240211c371d3321edcd5c8616e2e4f29b0afef6c0fddf8

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:57 GMT
Content-Encoding: gzip
Age: 50
X-Cache: HIT
Connection: keep-alive
Content-Length: 49869
x-amz-id-2: 24+OH9OYF0ybx0tLR6AbKXLkT51lu50lC6GBX1dgQwKytsEWckDY255MVnCGfVDkMa64GUJJmxQ=
X-Served-By: cache-hhn4045-HHN
Last-Modified: Wed, 08 Jul 2020 19:41:05 GMT
Server: AmazonS3
X-Timer: S1594359297.325682,VS0,VE0
ETag: "8da8f942ed2f445785426f3f303737d1"
x-amz-request-id: 7C220D248057CC98
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 55

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202007081540/ 68 KB
22 KB 71ms
29ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202007081540/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6748014269b949fbdc4472d00d418c8ab26b36aaa0d36e34d2fb773cffe94dab

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:57 GMT
Content-Encoding: gzip
Age: 736
X-Cache: HIT
Connection: keep-alive
Content-Length: 22049
x-amz-id-2: s71tAXYEgtSUtqLgw2V2A5Q7hOM0tRlpTUy6e/GTlZPdBI+JlqAPWHPOfbqXQ2CQY/1JV+1AXhQ=
X-Served-By: cache-hhn4045-HHN
Last-Modified: Wed, 08 Jul 2020 19:41:05 GMT
Server: AmazonS3
X-Timer: S1594359297.368085,VS0,VE0
ETag: "cb18a0bd02991c72e6b570bc56e400a4"
x-amz-request-id: 4A5ECE09012E1B53
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 404

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 245 KB
34 KB 646ms
645ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=165027342203766&correlator=255226959331476&output=ldjh&impl=fifs&adsid=NT&eid=21065976%2C21066170&vrg=2020070801&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200710&iu_parts=8264%2Cuk-techrepublic%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C320x50%7C11x11%2C641x321%2C300x250%2C371x771%2C728x90%7C970x250%7C970x66&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26strnativekey%3D849cd166%26sl%3Dsharethrough-top%253FT-1000%7Cpos%3Dtop%26sl%3Dinpage-video-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-bottom%253FT-1000&eri=1&cust_params=topic%3Dsecurity%252Candroid%252Cgoogle%26buyingcycle%3Ddiscover%26mfr%3Dgoogle%252Ctechrepublic%252Ccheck-point%26prodtype%3Dandroid%26tag%3Djoker%252Cgoogle-play%252Ccyber-security%252Cgoogle-cloud%252Cgoogle%252Cmalware%252Ctarget%26device%3Ddesktop%26ptype%3Darticle%26cid%3Djoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Duk%26subses%3D2%26session%3Dc%26pv%3D1%26ftag%3DTRE684d531%26vguid%3D8c4466b3-ada9-4df5-a58d-2d9183c2067b&cookie_enabled=1&bc=31&abxe=1&lmt=1594359297&dt=1594359297551&dlt=1594359296621&idt=544&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C436%2C1050%2C1050%2C215%2C215%2C1050%2C1015%2C436&adys=0%2C236%2C356%2C636%2C1699%2C1746%2C4419%2C4699%2C6213&adks=3801188176%2C4139425645%2C456689329%2C934443714%2C2281007336%2C1228029958%2C2423922389%2C3473862186%2C2062891656&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&dssz=37&icsg=137449963520&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x6995%7C1230x110%7C300x250%7C370x250%7C770x20%7C770x3259%7C370x250%7C370x771%7C1230x110&msz=1600x5%7C1230x90%7C300x250%7C300x250%7C770x0%7C770x321%7C300x250%7C370x771%7C1230x90&ga_vid=437449236.1594359298&ga_sid=1594359298&ga_hid=1042315322&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

1c8e402301674e3e8ea1af68c5fa9f91f6d9f5c5dea380498659bad92ce77df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33828
x-xss-protection: 0
google-lineitem-id: 4745699004,-1,-1,-1,-1,4745327422,4745571990,4825966980,4745556468
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239468890,-1,-1,-1,-1,138239368367,138239321463,138247245952,138239447335
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.techrepublic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ddd9ec815e4c46b8b477710e43fde3bf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 57ms
13ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ddd9ec815e4c46b8b477710e43fde3bf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 204
No Content / Show response
684dd30b.akstat.io/ 0
361 B 50ms
33ms XHR
image/gif 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd30b.akstat.io/?h.pg=article&when=1594359297611&cdim.Site_View=desktop&t_other=custom4%7C781&d=techrepublic.com&h.key=5VS23-BHL36-JUED4-78U6Z-ZT97H&h.d=techrepublic.com&h.cr=bb5be5a56075704d8cf72ca1d06e07ec0a8b2128&h.t=1594359297104&http.initiator=api&rt.start=api&rt.si=066459dd-7d11-41d2-afa7-d843ae7505aa&rt.ss=1594359298331&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Jul 2020 05:34:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.techrepublic.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 10 Jul 2020 05:34:57 GMT

GET
H2 200 nr-1169.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 85ms
28ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1169.min.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-amz-request-id: 0F29A27F753E1AFD
x-cache: HIT
status: 200
content-length: 10276
x-amz-id-2: RTyRtbPoVluljTtYOi1PDmzXZ0EgpPGsJyhbvz8bvk6ESiFaefFHrKBOySEZQ3f3qaja+cszoxA=
x-served-by: cache-hhn4077-HHN
last-modified: Wed, 20 May 2020 21:16:15 GMT
server: AmazonS3
x-timer: S1594359298.902139,VS0,VE0
etag: "7e312620a90879b595db1bff9c42ed57"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 20176

GET
H2 200 lance-bio-pic-631x631-1.jpg
tr1.cbsistatic.com/hub/i/r/2018/06/02/2323f2d8-c278-45ba-8d3a-085f08863f01/thumbnail/60x60/8ffa121deaa385b84e807a7ef8b75cf1/ 1 KB
1 KB 6ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr1.cbsistatic.com/hub/i/r/2018/06/02/2323f2d8-c278-45ba-8d3a-085f08863f01/thumbnail/60x60/8ffa121deaa385b84e807a7ef8b75cf1/lance-bio-pic-631x631-1.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2a1c546b39464ab27a76dd1fdf626eac6da4d2fe2530d1055cf01a77a3555b43

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
x-content-type-options: nosniff
age: 8577478
status: 200
strict-transport-security: max-age=31536000
content-length: 1126
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Jun 2018 17:38:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5b12d62e-466"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 email-contact-363607940a-rev.js Show response
tr3.cbsistatic.com/fly/js/components/ 683 B
509 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr3.cbsistatic.com/fly/js/components/email-contact-363607940a-rev.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7dd1319f443c7139e7c60a4f22f49acc675bc8ad0a1cc9d8884c823bfeb079f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218755
status: 200
vary: Accept-Encoding
content-length: 386
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Jul 2020 18:03:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "06064f42b71308ef933be97ebc2ae389"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jul 2020 16:49:03 GMT

GET
H2 200 modal-enlarge-image-c11ed78037-rev.js Show response
tr1.cbsistatic.com/fly/js/components/ 1 KB
828 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/fly/js/components/modal-enlarge-image-c11ed78037-rev.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

01661dcf90320349d7840dc112cf2ecb26e62318265d548e7c8655097c26d2b0

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218731
status: 200
vary: Accept-Encoding
content-length: 704
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Jul 2020 18:03:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "149343b7d5c5ce660844afa4f5257778"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jul 2020 16:49:25 GMT

GET
H2 200 disqus-comments-a95828967e-rev.js Show response
tr1.cbsistatic.com/fly/js/components/ 1 KB
900 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.cbsistatic.com/fly/js/components/disqus-comments-a95828967e-rev.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

71631382cdb89a4eb7a405ff83c871267ec5708da4515d0ed1508f0f9103c895

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172032
status: 200
vary: Accept-Encoding
content-length: 556
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Jul 2020 18:03:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "83c12a699d8805d33ae8925cab2fb384"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 05:47:45 GMT

GET
H2 200 advertisement-9a7c0c51b1-rev.js Show response
tr2.cbsistatic.com/fly/js/utils/ 53 B
267 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr2.cbsistatic.com/fly/js/utils/advertisement-9a7c0c51b1-rev.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72485
status: 200
vary: Accept-Encoding
content-length: 81
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jul 2020 08:56:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "658101613d3d7224cad8e54e84219b4d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jul 2020 09:26:52 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr1.cbsistatic.com/hub/i/r/2018/06/02/2323f2d8-c278-45ba-8d3a-085f08863f01/thumbnail/60x60/8ffa121deaa385b84e807a7ef8b75cf1/lance-bio-pic-631x631-1.jpg

Requested by

Host: tr4.cbsistatic.com
URL: https://tr4.cbsistatic.com/fly/73deea-fly/js/main.init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2a1c546b39464ab27a76dd1fdf626eac6da4d2fe2530d1055cf01a77a3555b43

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
x-content-type-options: nosniff
age: 8577478
status: 200
strict-transport-security: max-age=31536000
content-length: 1126
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Jun 2018 17:38:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5b12d62e-466"
vary: Accept-Image-Webp,Accept-Image-Webv
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 modal-1.0.js Show response
tr4.cbsistatic.com/fly/bundles/flyjs/js/components/ 7 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tr4.cbsistatic.com/fly/bundles/flyjs/js/components/modal-1.0.js

Requested by

Host: tr2.cbsistatic.com
URL: https://tr2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5d45fb6c0eedd16bd124f45a8c859b897127b0ed663387e7d07009f2eaec2b16

Security Headers

Name	Value
Content-Security-Policy	default-src https://.techrepublic.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171126
status: 200
vary: Accept-Encoding
content-length: 2034
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Jul 2020 18:03:13 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "01526a372c886eb95ca9e39f0ece2316"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.techrepublic.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 06:02:49 GMT

POST
H/1.1 204
No Content /
685d5b1b.akstat.io/ 0
361 B 44ms
29ms Other
image/gif 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://685d5b1b.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/5VS23-BHL36-JUED4-78U6Z-ZT97H

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 10 Jul 2020 05:34:57 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.techrepublic.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 10 Jul 2020 05:34:57 GMT

GET
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/1/ 57 B
275 B 431ms
107ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/36c1ca5070?a=398460840&v=1169.7b094c0&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=2084&ck=1&ref=https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/&ap=194&be=786&fe=1993&dc=907&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1594359295844,%22n%22:0,%22f%22:434,%22dn%22:435,%22dne%22:436,%22c%22:436,%22s%22:441,%22ce%22:449,%22rq%22:449,%22rp%22:774,%22rpe%22:891,%22dl%22:777,%22di%22:907,%22ds%22:907,%22de%22:907,%22dc%22:1992,%22l%22:1992,%22le%22:2003%7D,%22navigation%22:%7B%7D%7D&fp=995&fcp=995&at=GRpEEQsdTEpGWUYLTR9F&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1

200
OK

results.txt Show response
kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net/eum/ Frame 3855
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6o6me7m8
https://kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
302 B

141ms
30ms

XHR
text/plain

72.247.178.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 72.247.178.19 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:58 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: Apache
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Fri, 10 Jul 2020 05:34:58 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net/eum/ Frame 3855
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6o6me7m8
https://fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net/eum/results.txt

8 B
302 B

58ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba13 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:58 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: Apache
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net/eum/results.txt
Date: Fri, 10 Jul 2020 05:34:58 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46C4 0
0 65ms
64ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspkMD_Q12h9ZjqKsLlEWwD8D0rmZWBIw4URIO91eWzaSdY2pMpFqeWztAKbeKjXEyQ4-gREf1YmjKQx1mblNswIoU29nHt0v0LLCuu-HDLjALgd1lRPOIVGwPnYxatNKoNCF1ynCpbv7yUTB2fFzJUWGSd_NgCHCIA617vFyZ2XZd43q491nZtTrhfxXGyOaCG3sP392hBzWME3SiFkM5fgPn1vj4P3j7UrhuiBIlerFsrsAuD82Cz2qEY008KJd9Yb3iI90SdYCdxg1kn2ocEFUZPrDo&sai=AMfl-YTDRDAF-FcPG5Uo3FO4ZgpdQTeziOX4DsnYMNTPg1AAh-gm69jy10gvIZLpGDRyYikK8zJGFrRpWbQhuoCR6bTD6njwllWKtDLwD9tNLA&sig=Cg0ArKJSzLEKTlJvUVJjEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46C4 75 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 46C4 321 KB
107 KB 129ms
60ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47038
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27481
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012006300332000/ Frame 0A03 206 KB
56 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57332
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b662c98f2556dec9"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 0A03 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5909
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ebce4f8d8fc71dc2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 0A03 96 KB
29 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29781
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40487f7c981141f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 0A03 4 KB
2 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1783
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22142c43fc5bc7a4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 0A03 48 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15068
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e3b351881fb81778"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0A03 7 KB
821 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 05:06:19 GMT
server: ESF
date: Fri, 10 Jul 2020 05:34:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8718608408134746976/ Frame 0A03 51 KB
51 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8718608408134746976/downsize_200k_v1?w=600&h=314

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653464ba8e48328a4089169a07b808e076c008f001d029bd8151f0cbff71b512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 22:21:07 GMT
x-content-type-options: nosniff
age: 2531631
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52333
x-xss-protection: 0
last-modified: Mon, 29 Jul 2019 13:59:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 22:21:07 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9934236797688746973/ Frame 0A03 9 KB
9 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9934236797688746973/downsize_200k_v1?w=300&h=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29113e94fe012ef7212d13a268276ef7ef9b24231ece07fd7f3293181895586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 17:47:59 GMT
x-content-type-options: nosniff
age: 2548019
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8871
x-xss-protection: 0
last-modified: Wed, 19 Dec 2018 10:00:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 17:47:59 GMT

GET
DATA 200
OK truncated
/ Frame 0A03 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0A03 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0e1337fec74797d3e26b7c1b7768c29cac519b649aeda966198d0d4f94942ba

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012006300332000/ Frame EE54 206 KB
56 KB 17ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57332
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b662c98f2556dec9"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame EE54 16 KB
6 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5909
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ebce4f8d8fc71dc2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame EE54 96 KB
29 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29781
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40487f7c981141f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame EE54 4 KB
2 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1783
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22142c43fc5bc7a4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame EE54 48 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15068
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e3b351881fb81778"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
DATA 200
OK truncated
/ Frame EE54 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d26dc3f0c90eef0ebd7d3f3c0d7870af6bff2b9bbe28db2b91335ae9415f23b

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012006300332000/ Frame 8574 206 KB
56 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57332
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b662c98f2556dec9"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 8574 16 KB
6 KB 12ms
4ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5909
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ebce4f8d8fc71dc2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 8574 96 KB
29 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29781
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40487f7c981141f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 8574 4 KB
2 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1783
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22142c43fc5bc7a4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 8574 48 KB
15 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15068
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e3b351881fb81778"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
DATA 200
OK truncated
/ Frame 8574 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0371fe0255b9d27d6e69a064da44e538edf8c264a9cd71de03bcac4d54640cc

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012006300332000/ Frame 1101 206 KB
56 KB 8ms
4ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57332
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b662c98f2556dec9"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1101 16 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5909
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ebce4f8d8fc71dc2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1101 96 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28864
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29781
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 21:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40487f7c981141f8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 21:33:54 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1101 4 KB
2 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1783
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22142c43fc5bc7a4"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012006300332000/v0/ Frame 1101 48 KB
15 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 82332
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15068
x-xss-protection: 0
server: sffe
date: Thu, 09 Jul 2020 06:42:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e3b351881fb81778"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jul 2021 06:42:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1101 7 KB
796 B 26ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=fr

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 05:34:58 GMT
server: ESF
date: Fri, 10 Jul 2020 05:34:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1101 7 KB
796 B 22ms
10ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007081540/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 04:47:15 GMT
server: ESF
date: Fri, 10 Jul 2020 05:34:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
DATA 200
OK truncated
/ Frame 1101 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e84303e9c0454f20c7f8d48347160cdf844b4612ab6d017c75d40aad4bae6e43

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86DE 0
0 66ms
60ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRYPePc0Q6dUsdLHvU6ed9ZXPqKWcXo_A3lREsteRoaXy7zd-lUqKz10ijz5zyooX-quKaWNTf86OdmWMUfcbXKj3FZV7JDNpnQmT59sKeecUX0RQF_iMLedg4OGWlVsl121RHee6iDvSdxBETrIBbSx0EJXndtX8rEYy9HAfCFuGlKUO2Ap1FSh7nVFLVJgDasLHu70Lp7jJBy_4Q_9tU4SVEgb0f-OEEkDmm6tCzvj_9OSsmc4j_OlT_sY_RmcUju4De83pdMkHmmUu10hm3pBQhbK4&sai=AMfl-YR7k_6k-sQskyS4STkNkZOJbMlUsKD-tARtl8sLFPXRZWoqXO-bv-y9TICtO-X4CF6esc8wySKoKhMOv_cDxLbgT1j-PJ6MUzpGMgHFvg&sig=Cg0ArKJSzBkTXXCKQbFwEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86DE 75 KB
28 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 86DE 321 KB
107 KB 32ms
27ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47038
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F996 0
0 60ms
60ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzC3OdbwJudriIVVm2p9ljOgruJ6RPPAF8LsRb6yEDA0pYs3RLj7rUknyzEnI97eauqzqjiSIJNsBuoHYN-5FUfz0xWCVMJo4gFzmvxf_EszdMGaZSym0NudaszMQ1dhUuHB6UoxmQ_hihN991C-hZQXEdJCSJST-xFFqXXVEfgQGNos6FgxZqja_hGpy0h9Ll7Opw__XJ9W83upfwgI-VDV6GtudczF5dGCO064S_GdOIY3aFiyi7AGGouW_W0l3mVeoCoERQj7_LWySXgaIJ3EmPCuQ&sai=AMfl-YTw-n_391V7dqTtRPLUQTeS1lh2TfySFtYc6-olaQyUMboeiR4FV8WTAXnmykpkf4ulVKFWu9pKHw2Z_1KHlJMMdFJSnXIksnYoUzE6QA&sig=Cg0ArKJSzJmmZst6DTGNEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F996 75 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame F996 321 KB
107 KB 92ms
92ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47038
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B85F 0
0 64ms
59ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZO-_ecRh7E8Istxf9VVuN7d65KYUDAuOrO5OxFb4-pqjnwtFoTi9RgS_dbvFRLNhuUeFnPFnCQRTTSdJtwoGXuUR4BFkJYSiHFYIFV0OgE79x2GcR56niv4GykMhbC0ZBI73VkKIuV5zgg8kXyBOuMl0UYNoWcmVEVapGdUrm0eV2u_94QVSfGftbZY_6bIur0lNiH49n4HCXdZt3wncpRGXnIAwbADw6vvIKNt8ecM_2SyQT8IW2NB8ul1frDdASh1KIz6KtCBm7rxj-TLQgzRiVdLE&sai=AMfl-YRe8-ODsMWsCGN6uvn27jHkwbUbFWJ9zlJzPNzo7VVBcSYVlTbH-_1i3d0R4xIT6szWSzTxpDr8f_hYELZ0phMMEZy1hZnXPNXy2G88mA&sig=Cg0ArKJSzDMlpoWmDHjBEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adKit.min.js Show response
rev.cbsi.com/common/js/ Frame B85F 6 KB
2 KB 270ms
33ms Script
application/x-javascript 104.108.48.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/adKit.min.js?1198398230
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.48.175 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 10 Jul 2020 05:34:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 18:29:20 GMT
Server: AkamaiNetStorage
ETag: "e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2149

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B85F 75 KB
28 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame B85F 321 KB
107 KB 93ms
90ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47038
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17AC 0
0 60ms
59ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR0Dr5rc29-KZ23YupsKXv27LMqCBpoahAIjROj-AieGH_LtdAOn-DyBUR2C2heVZOHC1StFzWifqacSsBUqABp2BwoqL4PxQj66qlNnwEGqEEj3w9QbnkiO59eS4dnUU4MHy_DjFbsjausWN0FpHdzP1R5-UjEauaBli6_XR4d6senKMVbrNTc3vTq75PB-AZ4r76IAYMWNbzQGHsIUkT9WZEpmXBFD_jlAdBcXo_7db9FaI2LlxPqFp0axS4AED194acfQ0NAwE0gUUNYLLP2kbiavc&sai=AMfl-YSvyroUALoEMhB6knaXAOgyUeP6VDl6NaLz7n0RtWEMCCnaGVig6k8j15mUpbnbzNe4sn9y2WNARzueCpMqoXIrK6zRSLcan0agot8icA&sig=Cg0ArKJSzJW5bdWnrRSrEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17AC 75 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 17AC 321 KB
107 KB 101ms
101ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47038
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A03 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A03 295 B
405 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0A03 0
0 61ms
60ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYsolAf4HX6DSKMLs3wOQv4bYBueH15Fe-PPb0KkKv87z_QgQASDMka4iYPuBgICICqABl5DhvwPIAQngAgCoAwHIAwqqBKQDT9BGUjr5R57I0xd16n7MssvvjjGhCiZ0w6rXOIuFoanviGugYZM87rZA818SNxJDGaJdFDh5-KDUHtR_n21h6TLNxbBS1fFNqZBueIOsUwUJb5hAIuBTvc0NA5YGXlAPfa8Bt8959CAejsO1VaK6cQFqmVGG2bmhYyTx5lc8VULVCNWT8wRXiFNt_vZLNnVgkQTcQt10Axgxe0qsfVnN6e6vDlJI6twFe88otlRY7aLbdRGUQPEpaQualnFQJ7QoArA0cMVJQczGPU4gyh8LuHEBls2d1YjgJqYXJSnwy-epr-7PV3F8oCPjXtoLIIMFUerM6dVAQ-6dwrhFHLc9e0QeL-2HUAPmPg_bOu8PHI0-fPdVAeTWqjPCVIimBdVezU3tQgSqf43TtX2a_2c__8TRIwM0bi2e6cFDKZXSHQ7cwXcfvR2dwHFj2AOb9uxzCe2sIWJmVGqELIvEIDtwBY51YAo8qJ_Wz854kOfLz4nK9jaZ4tx9iieobQlD8OJ2424ZWOh35mcpvLiPm6Fli4jrG4kb-Sj3gQxVQRRQDaLSOfirwASti4DkkQLgBAGSBQQIBBgBkgUECAUYBKAGLoAHmvf1QqgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBC1ni_SCAkIgOGAcBABGB2ACgPICwHYEwyIFAQ&sigh=SPnDPzNR3_U&template_id=484&tpd=AGWhJmv67DPife94jmsr6o2_y0a-0yl7nw7Ks-h7HzUTcR-zyQ
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 15904210491932211533
tpc.googlesyndication.com/simgad/ Frame EE54 74 KB
75 KB 9ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15904210491932211533?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk-7cOxni2iGP8VQZf5See0HFt_pQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bfd468751391fe89b0d297f94a7ddafbdc2dbb5064a6fd70cc49a82390da51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Jun 2020 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 14:57:43 GMT
server: sffe
age: 1166003
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76166
x-xss-protection: 0
expires: Sat, 26 Jun 2021 17:41:35 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE54 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE54 295 B
359 B 8ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EE54 0
0 61ms
59ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7sPzAf4HX6HSKMLs3wOQv4bYBvWMt_ddgde38YAM_b7p8wMQASDMka4iYPuBgICICqAB4__L_APIAQLgAgCoAwHIAwiqBKEDT9Bnb3RFlzQRsEfvfD3GNDxEQTDHlouKfZXWX9pA0vkphPn5K6RKWrPMlMmqKsg8DJwc3PKhbJmzcvxRomw4f4hli4PMLxyawtAKxYcIW2Q8yO0zu4r1QpF_6gXns8E0KJI9tYXidXJTyyXm6hzwnzdvChe23ttsmCqkipZQhPxwfopw52M7MuBr0Hg9ETcXDXYBDeg-FtcAXZElffdULktdYQxQwLm90me6bo04eaZ6i32HYCPeu3NwTb6xELQkpp3PDNQomlt3SFRPVqXT4bmmqs44uqnmvoiTjEp7nup6DYow4xBB0REcyvBsustjc371oRqU4hBitZpMV6bS1QGz0XqgwJUoyzZFlUkweKjP7-yju71VatpMPyz2SqUMYYsE-w_LbqJ82BJcyZf8AWlCixksq3WaeXnCj5JtvOV5i9Xr-FSdUxOSlwt5x4SqkRxYLIma-njDTcBlBDZMPuo4WWeSjbnc8dhGlatFiQyNiTFUseE_U2xnTuURKz50AQoCfti7SYgl-iNpm-WuDdVO1Zk23g39RHWtawfp7XsjwASqxtex7wLgBAGSBQQIBBgBkgUECAUYBKAGAoAHhYC0A6gHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDOqnfSCAkIgOGAcBABGB2ACgPICwHYEwI&sigh=CI3ka63ss9k&tpd=AGWhJmtZKZMUBeszy1QAM43RJ6rNvKoXWZ6mWE1gjxbNSAsYPA
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 12055046029221076319
tpc.googlesyndication.com/simgad/ Frame 8574 113 KB
113 KB 11ms
9ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12055046029221076319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72146d7bec0dbe1aeb3d8b29ff7352939200e2309a80af732bf2d9cd2f8c7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 13:23:03 GMT
x-content-type-options: nosniff
age: 144715
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115550
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 10:26:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jul 2021 13:23:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8574 2 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8574 295 B
359 B 14ms
14ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8574 0
0 61ms
60ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8LxbAf4HX6LSKMLs3wOQv4bYBoLThZRewfGf0YgMv-EeEAEgzJGuImD7gYCAiAqgAfGD_ZUDyAED4AIAqAMByAMIqgSlA0_Q0ArsXANfxtcw6HFSx3M1RKhBPsf-23bxVn3X0hA_TbpRFGWf6jZTy2kUThhkZPa2-0NSxbBnfXT28pwSS6R7HWmH6RK_LQIpdgWkzDDnTK4nRJdHlpeb3B9Shr3Tx7nVl8oxtZ7Yni1cSwmKSFVXj7M3f3NdOnO3O0cTq8rMpACnp_V_-yQiDdAM6ECVlV1DprtqUTkww-nCUx59SJ9sGxRRKmtuOz3PlPMS0LyEaGV9aJoG9mWc8w16Rr2nb5ZLgqZWHbvx9f2-IM_qi8ZwTYGbIqn4ESR6wHowC5vOx2i6E49EhEsOu4dDrB5DaJfnQLICRVHXmN3D27DGqa6yl85N2gvLx_EVXMZMrHV8GdRtulGbZhxypqY57mtQqXcozoOmKKaWJaL8TOUhYO_B5RGClA2M4kKXU6DR0JqPVBZy_1WdQTKDzmFD23kfpXGfT1I3cyRlwg2XoniBtg9n8_u9YfqrPB63h-YjPi25-cUPfsHO5CXfAvPizLy2KUwj0f81n4xkWFtlGygVwpIcxvXvjTJpscVFqDUGDTdranjVZBfABJrT8d26AuAEAZIFBAgEGAGSBQQIBRgEoAYDgAfxhNOPAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCKmwfSCAkIgOGAcBABGB2ACgPICwHYEww&sigh=uQ4dGGoQ8l4&tpd=AGWhJmtyLBRdjmLg2jXeo_Suyzz1V4QlEHFBy2RYKBwVLzscyg
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 9675566692613159887
tpc.googlesyndication.com/daca_images/simgad/ Frame 1101 53 KB
53 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9675566692613159887

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc95d2457155c342ec456a00f57ce4a9cef92be5f4805c51cd8fb00d2cead0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 09:11:00 GMT
x-content-type-options: nosniff
age: 2492638
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53809
x-xss-protection: 0
last-modified: Wed, 08 Feb 2017 19:00:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 09:11:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1101 0
0 63ms
62ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1dnGAf4HX6PSKMLs3wOQv4bYBrzr6uJa8bbXgOkKwI23ARABIMyRriJg-4GAgIgKoAH2uq_GAsgBAakCHCEbt8Xusj7gAgCoAwHIAwqqBKgDT9CmKIc2MtncXdEdpSI6mWjiDbq-0ZeG3PyIRB_wNRCQs1zxY1lPw6CTYYexuzPARTp7URZAWH6w-r49-3RW_-YHHpCmpGFwYKA8v1eANcqI8lLz74I4IXLsKbpv7lmTMB8YQ85b_3kM5XiPuGv4MNlbEqskC6FoduXwF40tua6YJmfilPKKA88tThOEdOr5b2Isf2emIrT4gmMQ9mNEfrsR3R1IbvvjAz98MkVXtp2tEacqs3e71FL1vbHMOaCcVomXWzKCRYhBv__78mZTHSq27MGVdqgfzolBvHT2usGOUk_znBh463kDW4EX-Scui2GDvHZpduJcgdHswOphXJDy0z9eAZBB5dWFC7YBvYKibscfxpiP4OdfpMliRR-Q-RSFBjNfCofN60DDfTPv7Mz2i-hgsuyo4yLxML1xxOq2I5eAE5ARs8jHYHrCO2cEH5cXOEF9fcZmvolTk-YBnqD8h5c5v4RLvCH4gW3XmQ9UcrYJkbVBX2eVX0pf2ieeZ7tYiAeLQD_vYhbl1qbMz_XKY0tqWN0dDZYw7UUM9ptGfQgix_UQ-cAEoM_4od0C4AQBkgUECAQYAZIFBAgFGASgBlGAB_LE0LkBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEMe9B9IICQiA4YBwEAEYHYAKA8gLAdgTCg&sigh=BOt1Scr_id8&tpd=AGWhJmvX7Y430nESaFt0zVx1XWdeKdpfPv8Oz9oAPYbZIs7FDw
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1101 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1101 295 B
360 B 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020070801&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba6f8c1d66cfce60bd321a6335a81a703c4c84c4ffb75b98662281968f827b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5704
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0A03 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.techrepublic.com

Response headers

date: Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2438116
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0A03 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.techrepublic.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2560191
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 1101 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=fr
Origin: https://www.techrepublic.com

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2364802
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 1101 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=fr
Origin: https://www.techrepublic.com

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2560191
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 1101 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=fr
Origin: https://www.techrepublic.com

Response headers

date: Thu, 09 Jul 2020 02:32:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 97323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:32:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ 124 B
298 B 124ms
42ms Script
text/html 52.16.26.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298561&de=816051418876&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=2&cb=0&ym=0&cu=1594359298561&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745327422%3A138239368367&zMoatPS=top&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=641&zMoatH=321&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=inpage-video-top%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=top&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=864443976&cs=0&callback=DOMlessLLDcallback_3187906
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.26.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: 5524877399f08e3ceb414d49d02e1bdbe435b562964181a354634ca02d7642db

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
server: TornadoServer/4.5.3
etag: "11d08187cd189e7f08c17fdf6fc3af2b4038919f"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 124

GET
H2 200 n.js Show response
geo.moatads.com/ 127 B
302 B 124ms
43ms Script
text/html 52.16.26.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298561&de=816051418876&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=3&cb=0&ym=0&cu=1594359298561&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745327422%3A138239368367&zMoatPS=top&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=641&zMoatH=321&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=inpage-video-top%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=top&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=1693487671&cs=0&callback=MoatDataJsonpRequest_3187906
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.26.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: 1f6ac5515ac9609bec71a343414149b638f3408a806216984c66d2666934daaa

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
server: TornadoServer/4.5.3
etag: "e8507c5fb215d4096545f4b86391935d486ae693"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 127

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 29ms
28ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298561&de=816051418876&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=4&cb=0&ym=0&cu=1594359298561&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745327422%3A138239368367&zMoatPS=top&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=641&zMoatH=321&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=inpage-video-top%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=top&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=241173033&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86DE 0
54 B 60ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNq_lB_n9dUIDSYohz667HZhQm_F3FLqXHI0un2pzrUp3izHhE1AK_zAXutaWVQHrpzydZ-gZg_Fd8DUSKO9Mm1NHMarVhBmJbcu2sTqsRKJlnFoS9B8Lzuh8WnW-5a6_brvrxHmB6NSQSSrm25iwThroHz3aCF890Nwul-LpESjsJfViLPLek4I7E3qQOCLayarZbuEMgpdqWetH3JvT9g9zwAM0gJVyYMBJQMx-S-EKE3o8S-ShlEtY8wQfJldtRa9mdLlV9bticicj-7Sn2lTn5oe5iNw&sai=AMfl-YTpEc7Cn7HNl6rIYLV_aK4G6WZMcChMHwx-UKDhu0GtBgqkKF2JMaYxpr-mZaRO7CeoH7fK_bUju1fXykgL-wLwH7adTZ7XqhKO05CHaQ&sig=Cg0ArKJSzMWwffJ6IGsQEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46C4 0
54 B 61ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkF4v-Lh61p3ZISGsHJE8rD_btMcVZ4hhsWlN9WTOfsd9RhDlqEpOHWf0ILxOMYsNzwb2qJiD_aG4T7OyOQah-27r5Zu2ftt4LhREGQ4_oLO0crrc4oLOAQ-M3b3js4dQ5ZqJHpxXT8JugyXmPws3yM8dJur-PesiXOSw2aM6rAxkfZ6mIyBtrso4ct8gJcl7HLbBG0BHmhcWwTENbMRpb6CVovd-WQh_6iiyDsmyg4cRHwsWV8vB_WB76sZAnmfNc5YGqR1LdQzs5CSGOfGlk_k3lOu5mUA&sai=AMfl-YTpHRn7XTDAWJX8qQXiD9CTlczB6990gAFNcp8Hbm1gsInujj9R55CHeSIlCnOIo56A0oTi5qYr8QNLLi_vNrYxe4Wt5ZPkefIKTwjzNg&sig=Cg0ArKJSzBfer-Uktm00EAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F996 0
54 B 60ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy3wifcCE02mfrrTYsnaJADXQNvbkhsctGAMpvqfy6uNHmh2skKRLSFWWkx7Qjqmida0BR7roT1OyIlkLWhKMWwiFelOitqt65GIPhLAXZJRdMFfl1eUao1Ll8kQJ9MOiDwL7kCH-JPMRX6FU9aNex1_6nEXXg_WUSysekIUhSoQq6GNVGgA2kDG2g3Wfsr4DJ7Qrye2kwnR4Wii0aT3Uw4702qu1JOrdtN0nF2Mlb3eAyqInhLLj32DMRTYxnqDw8n4qYDtxLfUAyadBkiz-vKJw9hD8Osw&sai=AMfl-YQOzMGzdJ7hQMQezfgeU1ZgPc6VBvxDi1_2Yqizvf6Xc2rJeb8HqSZvwV-8ryBKZV4bGucaiMp0Sm-Q1usoXUdJNiJS4adkq_MmBHN-5g&sig=Cg0ArKJSzOcc9Yr67BnXEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17AC 0
54 B 61ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGTdHqlTkKLxZHXoeG-oL7R1tQmiWwYekOvqhQ1JHp9bdwY29VyI77vx2lDbcqUHnhZnT2jx9mJU3zQDp9CiD5RixcqrUprlmuiOOEyIMG3YI0zAiRjmjT1TH3S9ZOqx-8JiuekPm4wsqZ1UiJi1FSxbkBCRkh2XRmTK1NW8o-frGM_pUiiOfFXRl9g_Zj5DAnduZzUaIZmADWlFsLN-PC2n8-ZEl6gDacCf5xWzcWXmXgRCzNJjaNB7-xdvignk5KtC0wgv_ONOarQpmSZkfJITONFnbLsA&sai=AMfl-YQDUCVrvqQEsHeDRLT1VeIt42MUbktYKhuH_ZCClc7AerLPp2BgTClG49O9LIfkC1XRYFRBnQe3_F1nw1GmVWDhewXKIrxL_sTQG5tMYQ&sig=Cg0ArKJSzHc5Ox3J7oydEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 86DE 52 KB
20 KB 25ms
24ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 46C4 52 KB
20 KB 24ms
24ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame F996 52 KB
20 KB 26ms
26ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EE54
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8574
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

22ms
22ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1101
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
40ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 10 Jul 2020 05:34:58 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 17AC 52 KB
20 KB 37ms
37ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B85F 49 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?1198398230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e443d52b0e459fe460d4032db647790367f45254e45aca021efa183e9e523a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "566 / 456 of 1000 / last-modified: 1594332564"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16535
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
27ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298640&de=444948900612&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=9&cb=0&ym=0&cu=1594359298640&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138239468890&zMoatPS=nav&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=5&zMoatH=5&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=nav-ad%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=nav&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=1904213370&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:58 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A03 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0A03 295 B
360 B 5ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 15904210491932211533
tpc.googlesyndication.com/simgad/ Frame EE54 74 KB
74 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15904210491932211533?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk-7cOxni2iGP8VQZf5See0HFt_pQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bfd468751391fe89b0d297f94a7ddafbdc2dbb5064a6fd70cc49a82390da51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Jun 2020 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 14:57:43 GMT
server: sffe
age: 1166003
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76166
x-xss-protection: 0
expires: Sat, 26 Jun 2021 17:41:35 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE54 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EE54 295 B
360 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 12055046029221076319
tpc.googlesyndication.com/simgad/ Frame 8574 113 KB
113 KB 7ms
7ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12055046029221076319

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72146d7bec0dbe1aeb3d8b29ff7352939200e2309a80af732bf2d9cd2f8c7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 08 Jul 2020 13:23:03 GMT
x-content-type-options: nosniff
age: 144715
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115550
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 10:26:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jul 2021 13:23:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8574 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8574 295 B
360 B 8ms
4ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 9675566692613159887
tpc.googlesyndication.com/daca_images/simgad/ Frame 1101 53 KB
53 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9675566692613159887

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc95d2457155c342ec456a00f57ce4a9cef92be5f4805c51cd8fb00d2cead0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 09:11:00 GMT
x-content-type-options: nosniff
age: 2492638
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53809
x-xss-protection: 0
last-modified: Wed, 08 Feb 2017 19:00:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 09:11:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1101 2 KB
3 KB 8ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 66360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Jul 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1101 295 B
360 B 9ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Jul 2020 08:18:35 GMT
x-content-type-options: nosniff
server: cafe
age: 76583
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 10 Jul 2020 08:18:35 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 9523 0
0 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 10 Jul 2020 04:34:35 GMT
expires: Sat, 10 Jul 2021 04:34:35 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3623
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
27ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298652&de=992596635287&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=14&cb=0&ym=0&cu=1594359298652&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745571990%3A138239321463&zMoatPS=bottom&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=300&zMoatH=250&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=mpu-bottom%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=bottom&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=1385681798&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B85F 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.techrepublic.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B85F 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.techrepublic.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020070801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B85F 249 KB
89 KB 33ms
33ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Jul 2020 15:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90527
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:59 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0A03 0
53 B 817ms
179ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1594359299066&qqid=CODW05z7weoCFUL2dwodkJ8Baw&rt=any.link.3.m.f.5.0.0.18cv.188k~any.script.4.h.1.e.0.0.4md.4k5~any.script.4.i.4.d.0.0.n1r.mz9~any.script.4.e.1.c.0.0.1fr.1dj~any.script.5.c.1.a.0.0.bpl.bmk~any.link.5.f.0.e.0.0.mt.jf~any.css.7.e.6.7.0.0.14ih.14dp~any.css.7.e.0.d.0.0.6xm.6uf~any.img.1u.7.0.5.0.0.20i.1xi~any.img.1u.7.0.6.0.0.b9.87~any.img.1u.1q.3k.0.0.0.0.0~any.css.69.7.1.5.0.0.8pz.8mk~any.css.6a.6.0.5.0.0.8lj.8i4~any.img.jd.6.0.5.0.0.1zb.1xi~any.img.je.6.0.5.0.0.a0.87&met.a4a=dcl.0~ol.605~nvs.1594359298259~ini.1594359299067
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 86DE 0
338 B 776ms
168ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0jn&chm=1&ctx=2&qqid=CJyU0Jz7weoCFUL2dwodkJ8Baw&met.4=fb.5~lb.7b~ol.9j~idt.-5i~dt.-km&met.3=197.7b~123.7a_1~117.9e~116.9e_6~118.ez~118.f7~118.fj~197.fk~118.fm_1~118.fn~118.fn~118.fo~143.g6_1~118.h1~118.j0~118.jb~118.jw~118.k0~143.l3_1~113.lq_2~112.lp_3~118.lx~118.m4&met.1=1.kcfsczxx~14.1~15.1~16.1~17.1~18.1~19.1~20.9e~21.9k&met.7=CCoQChgBIAYoBjA9ODc~CBsQCiAGOGQ~CCIQBhgBINcCKNcCMJQDOD1o2AJwlAN4NrABAbgBAw~CCgQChgBIKQEKKQEMMAEOBtopQRwvQR4-qEBgAHLoAGIAZ-hA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1101 0
53 B 755ms
169ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1594359299080&qqid=COPW05z7weoCFUL2dwodkJ8Baw&rt=any.link.2.g.7.6.0.0.18b0.188k~any.script.3.n.1.5.0.0.4lu.4k5~any.script.3.s.4.7.0.0.n17.mz9~any.script.3.q.0.5.0.0.1f8.1dj~any.script.3.w.4.6.0.0.bo9.bmk~any.link.3.r.1.l.0.0.m4.jd~any.link.3.n.0.e.0.0.m4.jd~any.img.16.k.1.8.0.0.15mr.15ip~any.img.16.1s.2y.0.0.0.0.0~any.img.16.j.0.8.0.0.1za.1xi~any.img.16.p.0.5.0.0.a0.87~any.css.5r.7.1.5.0.0.8lf.8i0~any.css.5r.7.0.6.0.0.8jy.8i4~any.css.5s.6.0.6.0.0.8mi.8j4~any.img.ip.f.1.6.0.0.15l8.15ip~any.img.iq.d.1.5.0.0.1zb.1xi~any.img.iq.d.0.6.0.0.a0.87~any.img.ju.1b.l5.0.0.0.0.0&met.a4a=dcl.0~ol.601~nvs.1594359298286~ini.1594359299081
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 46C4 0
53 B 753ms
168ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0jw&chm=1&ctx=2&qqid=CJeU0Jz7weoCFUL2dwodkJ8Baw&met.4=fb.6~lb.72~ol.bq~idt.-3o~dt.-is&met.3=197.6y~123.6v_6~117.bo~116.bo_1~118.gr~197.gv~118.h2~118.hd~118.hh~118.hi~118.hj~118.hj~143.i7_1~118.iv~118.kw~118.l6~118.lq~118.lr~143.n0_1~113.nt_1~112.nt_1~118.nw~118.nz&met.1=1.kcfsczw3~14.0~15.0~16.0~17.0~18.0~19.0~20.bo~21.bq&met.7=CCoQChgBIAgoCDAZOBI~CBsQCiAIOKAB~CCIQBhgBIKYDKKYDMOQDOD5opwNw4wN4NrABAbgBAw~CCgQChgBIPIEKPIEMI0FOBto8wRwiwV4j6EBgAHLoAGIAZ-hA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F996 0
53 B 753ms
169ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0jy&chm=1&ctx=2&qqid=CJ2U0Jz7weoCFUL2dwodkJ8Baw&met.4=fb.4~lb.5y~ol.a1~idt.-5q~dt.-ku&met.3=197.5x~123.5w_2~117.9z~116.9z_1~118.er~197.et~118.f0~118.fc~118.fg~118.fg~118.fh~143.gb_8~118.gt~118.j3~118.j4~118.jo~118.jq~143.l2_1~113.lu_1~112.lt_1~118.lw~118.lx&met.1=1.kcfsczy5~14.0~15.0~16.0~17.0~18.0~19.0~20.9z~21.a1&met.7=CCoQChgBIAYoBjAVOBA~CBsQCiAGOGY~CCIQBhgBIOgCKOgCMKYDOD1o6QJwpQN4NrABAbgBAw~CCgQChgBIKkEKKkEMMUEOBxoqgRwwwR4j6EBgAHLoAGIAZ-hA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EE54 0
53 B 736ms
169ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1594359299122&qqid=COHW05z7weoCFUL2dwodkJ8Baw&rt=any.link.2.p.7.7.0.0.18b0.188k~any.script.3.x.7.e.0.0.4lu.4k5~any.script.3.t.6.b.0.0.n17.mz9~any.script.3.n.1.9.0.0.1f8.1dj~any.script.3.m.2.7.0.0.bo9.bmk~any.img.1m.i.9.7.0.0.1mw0.1mrq~any.img.1n.8.0.6.0.0.1za.1xi~any.img.1n.8.0.6.0.0.9z.87~any.img.1n.1q.3d.0.0.0.0.0~any.img.j4.a.4.6.0.0.1mui.1mrq~any.img.j5.8.1.7.0.0.1zb.1xi~any.img.j5.7.0.6.0.0.a0.87~any.img.jz.g.kf.0.0.0.0.0&met.a4a=dcl.0~ol.605~nvs.1594359298269~ini.1594359299123
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 17AC 0
53 B 166ms
165ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0l2&chm=1&ctx=2&qqid=CJ-U0Jz7weoCFUL2dwodkJ8Baw&met.4=fb.5~lb.6j~ol.dv~idt.-66~dt.-la&met.3=197.6i~123.6h_1~117.dt~116.dt_2~118.eb~118.ej~118.ev~197.ew~118.f0~118.gd~118.gd~118.ge~118.io~118.j8~143.j8_1~118.jc~118.kp~118.lh~113.mh_1~112.mh_1~143.nv_1&met.1=1.kcfsczyl~14.1~15.1~16.1~17.1~18.1~19.1~20.du~21.dw&met.7=CCoQChgBIAYoBjAXOBE~CBsQCiAGOGk~CCIQBhgBIPMDKPMDMLMEOEBo9ANwsAR4NrABAbgBAw~CCgQChgBINAEKNAEMPcEOCdo0QRw9gR4j6EBgAHLoAGIAZ-hA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8574 0
53 B 168ms
167ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1594359299133&qqid=COLW05z7weoCFUL2dwodkJ8Baw&rt=any.link.4.n.c.7.0.0.18b0.188k~any.script.5.s.1.6.0.0.4lu.4k5~any.script.5.u.1.6.0.0.n17.mz9~any.script.5.w.0.7.0.0.1f8.1dj~any.script.6.12.8.6.0.0.bo9.bmk~any.img.1g.i.6.9.0.0.2hb1.2h5q~any.img.1g.i.0.d.0.0.1za.1xi~any.img.1g.i.0.e.0.0.9z.87~any.img.1g.1r.37.0.0.0.0.0~any.img.iy.9.2.7.0.0.2h99.2h5q~any.img.iz.a.1.6.0.0.1zb.1xi~any.img.iz.b.0.6.0.0.a0.87~any.img.jt.n.kg.0.0.0.0.0&met.a4a=dcl.0~ol.605~nvs.1594359298276~ini.1594359299134
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012006300332000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 29ms
29ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298806&de=32428174316&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=19&cb=0&ym=0&cu=1594359298806&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745556468%3A138239447335&zMoatPS=bottom&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=728&zMoatH=90&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=leader-bottom%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=bottom&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=1288146324&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B85F 52 KB
20 KB 25ms
24ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B85F 20 KB
5 KB 77ms
77ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1210017500100058&correlator=2815881750104182&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21065975%2C21065725&vrg=2020070801&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200710&iu_parts=8264%2Cuk-techrepublic%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Dc%26subses%3D2%26ptype%3Darticle%26vguid%3D8c4466b3-ada9-4df5-a58d-2d9183c2067b%7Cenv%3Dprod%26session%3Dc%26subses%3D2%26ptype%3Darticle%26vguid%3D8c4466b3-ada9-4df5-a58d-2d9183c2067b&cookie=ID%3Dd49034c9fba5bece%3AT%3D1594359297%3AS%3DALNI_MYY_pwlOCrRIUDjfWWzPwNYbxPF2Q&cdm=www.techrepublic.com&bc=31&abxe=1&lmt=1594359299&dt=1594359299235&dlt=1594359298308&idt=917&frm=23&biw=1600&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=1117404336%2C1117404335&ucis=w1shqkct1jp5%7Cs91c7yhz3noy&ifi=1&ifk=1359017224&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&top=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&dssz=17&icsg=43656&std=0&rumc=1210017500100058&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=384687825.1594359299&ga_sid=1594359299&ga_hid=342159899&fws=256%2C256&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

471abea631568fd59cbf5fbe22cded0219d15116e27c8faf8f6900412d5437c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5402
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239468731,138239375180
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.techrepublic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
28135b6b4edfdc2066177db53e9bcd71.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B85F 0
0 48ms
13ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://28135b6b4edfdc2066177db53e9bcd71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B85F 0
0 6ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
28ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359298921&de=922438478757&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=24&cb=0&ym=0&cu=1594359298921&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247245952&zMoatPS=top&zMoatPT=article&zMoatFT=TRE684d531&zMoatW=371&zMoatH=771&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatSL=dynamic-showcase-top%3FT-1000&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=top&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=805416436&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B85F 0
54 B 59ms
59ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr8BvZ2zVkbLJzNJ3WQifa4-Ntxzyjm0nUipQsNtYTl3DSLJfFYWz80bAQ6YyLc72y6GKkSAQ_4h9Hu3V4StFITFAGEPM0m6IHdG_ayGNfP_xrLYrG96QYC44JfOSDUdI0JiMvGa3auBJ4LKCHWOkbz_RO2tATq5I2oLy5YBQSNEmcWpqEVllcS_FVYQUkYIqXjV3A06ZHKKWgjjB3vaVNiY-WfXjc3j_TDdUF53xmhzPnP1BZYHJaIcyYkyEN7yzQNAooyifSKzjL-bFsDM9LjUZDC99sSw&sai=AMfl-YQ4Si8ukrKSaeijZXE-W5K9bD3hVgFT0OE6Ww9IrV782x2a7eQ06FNiV_68aFPE1dy4d2lvlqUIGooASUR3_JilTLFL4MXvMG5boua35A&sig=Cg0ArKJSzIoeayQnhZyNEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B85F 52 KB
20 KB 24ms
24ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B85F 0
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.techrepublic.com&doc=complete&pg_h=0&pg_w=371&pg_hs=771&c=0&aa_c=0&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 41ms
39ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020070801&jk=165027342203766&bg=!lJell49Ygu20V3NoRcwCAAAAMlIAAAALmQGFq5I_9Ue2aoJBZpRJ3MAqOdCzNLx8qFVISrGGKImWbUTw31xKqw1GTWhAfboDR2qfwBAWLLGkXrIDPZv-RppqX4H1glclhDnvmu_Do1Q1UCQG6I9o1r-rixXYM-iPI-JcVo1xJkCiV2Jk5r5k7LJNQcqJFYxZwUsZ8T-QejV3mGKe9J8K_NG4jc-gBQSn2Fj9FAH9YEfl-r9GPeaJ3NVBoYwJvsVjmF1IoW-9IYWnf-x8tywMD6y5hmZJyFjiucQKwo6I3Ml7-cePJraOC6rmr398nd1xJp8-JnOBedxFRW42lkkCRSYwHjcF45VW_iOLrKYwZ-Hy3rQSv17tg8yOAm1_Lx_-kHse1urqGtCw59vsUa7-aSIqy9o59qvpTxTPslTYzJe0hZvIUx6rePmLWm7mjYC6DtZ0UGHjkgeZ1UxVnr8Cw0WWl86gME1uJWpPulBNDEAMoO83F5lEPvCsjJTq5HruHBhPNB1muaqHsVB7qsWFIaQo6JlW1E15KVfHaZT9IbA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B85F 0
53 B 168ms
167ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0pw&c=1210017500100058&e=21064169%2C21065975%2C21065725&ctx=1&met.1=1.kcfsczyc~14.0~15.0~16.0~17.0~18.0~19.0~20.ql~21.qn&met.3=113.rk_1~112.rk_1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9532 0
0 60ms
59ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNB6_gTmRdZnH1FOr5EIowejAwgltckhe96rreIB4rFcxLl1tM6ESNG2hOJ61MMGvHub9EDtPZxqE1VanIEKEPvLD19HXSoGK2noo875ALcYvQtwneClxkyXVtE5730pnJh2ysn5NOTGJVCg2zaAKaZ1n-5DSfRNXZNzsJQz2PLrRfz9-WWaq2jZDfFTZH6zo5U02QzRPHFOWINNNNN8Zo_GhwzDMvAL37IXg0iusHBrDpBNn5B3a9M4GvYh8rY176x4WK6_kirZFfgKb2H6cXJLQ7eFY&sig=Cg0ArKJSzFJWFUcPpb9yEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9532 75 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 9532 321 KB
107 KB 28ms
28ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47037
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 02C2 0
0 60ms
60ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZCfQ5TLbLDwKKHWVlqlgO863jDL3VXuKJct3mHCBaPgu3bNufhSyiQKBZbQie3CitQx5IeuRuvXs0yzENKChmN4_-irXls1haJBf3rVbQd3nHrKn-PAl3q0AlpUMupMZoB5TjzKxPndGowyXhUdAZnYph_bG11AcudbK7O9fxT5xQX6Oc25lBpndvcjXcnKJ7ehRodEDjJm1mFppt_xKbuU7Xwq0orzzA5mJfkS9wgc3GPfQRgh0Atacmob3bcFp22aNyf86jZEzwUs5vMQynMxJ7cIc&sig=Cg0ArKJSzOww6qKi4FO_EAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02C2 75 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28825
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 02C2 321 KB
107 KB 31ms
30ms Script
application/x-javascript 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=47037
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B85F 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594221094242358"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27481
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B85F 7 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020070801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c320940678c0fc6a324e935d151586b47aed7ca5f099ffe81925ecf6b0612bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B85F 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame CEA5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 10 Jul 2020 04:34:35 GMT
expires: Sat, 10 Jul 2021 04:34:35 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3624
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
28ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359299381&de=709381462669&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=28&cb=0&ym=0&cu=1594359299381&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239468731&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=-&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=544360176&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:59 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9532 0
54 B 61ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBq0svCqYM4FEMQslQm9SeFJOUZONk9d7hjClPFhI6QkSMBSoPIroNHt08ysSmNrdfUMbyvul1eMQxI_COJt2JqnE5ue7cwloWSOpVeryBUTxI75Wu7nZ8vi1Lj9CL1FtM3nquw3A8qSR8YPB7TVFJAPvmfOHVd-dZMuuSqxBUdMRhUYPRikWBUoegjGoOMxHuaEv7-rPb7sE-amTdrgbDepBdXPpMRdb4tkKeKd8pf7QXTo6z2Ld8t14leA6TGiwIzBtEFKLqnOhuGLQNbtzNaSPUnVpxeA&sig=Cg0ArKJSzEffj3EMuZYyEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 02C2 0
54 B 60ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX9zOJ6nv9uw9txdBBHzUle2_IKMJRQ8sgnOF58r7VXiidMWf_wLssRsL8mXwgWGI6pPNP_x2Jn4OJ4QZWnM_WfkMxUGGhGEMUNf7oXYwlPDJHC9CereBGCE3sv415u10XFt-dyn8032KoBEdjeMlQ_RjJ9uaDEnuXjZgXPK4yZ4wH_szwYCP5hz9_z2etgsy8wsmnzaAN8LAvKzpuFmDEqINPhxoHoozJ6YT1tEFuxFE9e9T-EzelB1fvaQuIDIcsfacEJq6hIxhXa14Mw7jDCEZaYYCTzQ&sig=Cg0ArKJSzC2v7T5BUv7qEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9532 52 KB
20 KB 36ms
36ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 02C2 52 KB
20 KB 25ms
24ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 10 Jul 2020 05:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20555
x-xss-protection: 0
server: cafe
etag: 1421249497582339158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Jul 2020 06:34:44 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
28ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1594359299396&de=253181383497&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=32&cb=0&ym=0&cu=1594359299396&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375180&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=8c4466b3-ada9-4df5-a58d-2d9183c2067b&zMoatSN=c&zMoatAType=content_article&zMoatMMV_MAX=na&zMoatCURL=techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&id=1&ii=4&bo=23529849&bp=23544129&bd=-&dfp=0%2C1&la=23544129&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatOrigSlicer1=23529849&zMoatOrigSlicer2=23544129&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A995%3A995%3A2003%3A907&iq=na&tt=na&tu=&tp=&fs=182322&na=1752376879&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Jul 2020 05:34:59 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9532 0
53 B 168ms
167ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0uu&chm=1&c=1210017500100058&ctx=2&qqid=CNjNtZ37weoCFQ8k4AodqVcNAg&met.4=fb.2~lb.t~ol.1w~idt.n0~dt.-2h&met.3=197.r~123.r_1~118.1b~118.1b~117.1u~116.1u_2~118.2e~118.2f~118.2l~118.3z~113.4a_1~112.4a_1~118.4b&met.1=1.kcfsd0qk~14.0~15.0~16.0~17.0~18.0~19.0~20.1u~21.1w&met.7=CCoQChgBIAMoAzAUOBE~CBsQCiADOCA~CCIQBhgBIEQoRDCFAThBaEhwhAF4NrABAbgBAw~CCgQChgBIFgoWDB-OCVoWXB8eI-hAYABy6ABiAGfoQOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 02C2 0
53 B 169ms
168ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0v0&chm=1&c=1210017500100058&ctx=2&qqid=CNnNtZ37weoCFQ8k4AodqVcNAg&met.4=fb.2~lb.15~ol.25~idt.mw~dt.-2l&met.3=197.14~123.14_1~118.17~118.17~118.1a~118.1u~117.23~116.23_1~118.2h~118.2h~118.47~113.4c_1~112.4c_1&met.1=1.kcfsd0qo~14.0~15.0~16.0~17.0~18.0~19.0~20.23~21.25&met.7=CCoQChgBIAMoAzAUOBE~CBsQCiADOCI~CCIQBhgBIEwoTDCJATg9aE1wiQF4NrABAbgBAw~CCgQChgBIHooejCWATgbaHtwlAF4j6EBgAHLoAGIAZ-hA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B85F 0
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020070801&jk=1210017500100058&bg=!wcKlwtpYKeivXwEzkFkCAAAANFIAAAANmQGLYnfYyXzbGrZ1LhBk1j-Bmu1edY6xmy39E52Iczv-6GGGQCBgYMPcmSI6iwSSYW3kpS_psnIBpXRx6pgGUsS76ldRrPiFBfxpCwvN71LB8dYx6G1oCHdknF_zfdY-FC4vaPvpMVlrkhU5b7Tvw4Y9j8f9nUCY0aOrnXraN_lJ0AMk_6Hb83lOqU0kD8n6bZiW29GBfTPiV0kx2ATGsollXYFQN_SdJ1ErZYIZZHedKiTpksL2E710b6kbCeQ-dUc0-S0GVwSqH31kRuZ54_Y3HneTdrz9tUmSZXxyv4BPLKWJX_WVdWZXWS4ED0u3uZZurzfbL6jiDc1BsQdoErbFRHDhERuZuSE6z8yzYHefb9IVRkdW0tZS1iynDnPARIE82RS6PjEf68Ev2WJ6E8aPo40ftnMGt6uR705qxGy7C8cjGQmnJ_C1RVKGa2efzC6gyomGv1GKxkvlLo1gUtP_B5eR2o8S_ITeSbV_o3B7Z1CnujoSk2swhlXHvmP8P-ebGSjx1ITSIIXnDzE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:34:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0A03 42 B
107 B 41ms
41ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKq03G1sHA6aT2FH3fUaEwy0oUKr0cw91hekAB9pthiucRsL4PIVGiPeRQVr8gGtq60XduvpJoNIkE10AgB5rXUIaB3fRAxFZmEZkx7yEFhk70SeJ3-1CwyU5LNw&sai=AMfl-YQGQ-ngtPtqmiu1wtlxI-5u-6Jcv-DU0PGionjhcrSaTJhhw3RcM9j6j3wztcWZd4XCzPGzlydr7A7oSt85815zheB7ofOjGrVeR2wwyw&sig=Cg0ArKJSzDa3fptrrp4EEAE&id=ampim&o=315,231&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,0,1004,1004&tos=0,0,0,1004,0&tfs=356&tls=1360&g=100&h=100&tt=1360&r=v&avms=ampa&adk=4139425645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EE54 42 B
107 B 42ms
41ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLs0tDtmgJUFHcnxvDpj5778efXiV21jsz33pXJC4S9Ffdf35JqwSQcrBI1YNoVOIbpWGgS-WFnLsVjjcakc6Ef_2ZOIe0R5QwJFH5l0-43_unSlg-wZogh925FQ&sai=AMfl-YSjzZKEE81GRlQDMU4xWhH2R0c3sF6J2v58k0z3csExyhFlAGM2D3d6RRFcRROKPprI0IXAeEbxJFFCe-IXQqzshVO1lmUp_edjSr3ZNg&sig=Cg0ArKJSzEC5Ff4yPGWOEAE&id=ampim&o=1050,511&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=384&tls=1385&g=100&h=100&tt=1385&r=v&avms=ampa&adk=456689329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.techrepublic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B85F 0
53 B 165ms
165ms Other
image/gif 172.217.7.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kcfsd0ox&c=1210017500100058&e=21064169%2C21065975%2C21065725&ctx=1&met.4=fb.7~lb.gz~ol.qn~idt.-5x~dt.-l1&met.3=197.gy~123.gx_1~118.ix~118.kw~118.kw~118.lq~118.pa~112.ql~117.ql~116.ql_1~118.qo~118.qo~118.qq~113.qq_1&met.9=1.lx~2.ph~3_1.pw~7_1.0~7_2.0&met.1=1.kcfsczyc~14.0~15.0~16.0~17.0~18.0~19.0~20.ql~21.qn&qqid.1=CNjNtZ37weoCFQ8k4AodqVcNAg&qqid.2=CNnNtZ37weoCFQ8k4AodqVcNAg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.7.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Jul 2020 05:35:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/events/1/ 24 B
187 B 110ms
109ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/36c1ca5070?a=398460840&v=1169.7b094c0&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=12084&ck=1&ref=https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/
Requested by: Host: www.techrepublic.com
URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.techrepublic.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: at.cbsi.com
URL: https://at.cbsi.com/lib/api/v1/techrepublic/prod/config/diff

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.techrepublic.com/	1970-01-19 11:02:44	Name: RT Value: "z=1&dm=techrepublic.com&si=066459dd-7d11-41d2-afa7-d843ae7505aa&ss=kcfscy1w&sl=1&tt=1jn&se=go&bcn=%2F%2F685d5b1b.akstat.io%2F&ld=1jq"
.techrepublic.com/	1970-01-19 19:38:15	Name: fly_img Value: %7B%22pixelRatio%22%3A1%7D
www.techrepublic.com/	1970-01-23 02:28:39	Name: XCLGFbrowser Value: ZMtU5l8H/gGVEUW8HsE
.techrepublic.com/	1969-12-31 23:59:59	Name: techrepublicSessionStarted Value: true
.techrepublic.com/	1970-01-19 11:35:51	Name: arrowImpCnt Value: 1
.techrepublic.com/	1970-01-19 11:35:51	Name: arrowImp Value: true
.techrepublic.com/	1970-01-19 19:38:15	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Jul+10+2020+07%3A34%3A57+GMT%2B0200+(Central+European+Summer+Time)&version=6.1.0&consentId=aca79ddc-98a7-4d46-9f19-bf06c34e42a4&interactionCount=0&landingPath=https%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fjoker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices%2F%3Fftag%3DTRE684d531%26bhid%3D29410119137553895019503475980351%26mid%3D12919988%26cid%3D2276723787&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0&hosts=&legInt=
.techrepublic.com/	1969-12-31 23:59:59	Name: fly_edition Value: us
.techrepublic.com/	1970-01-19 11:02:44	Name: fly_device Value: desktop
.techrepublic.com/	1970-01-19 11:02:44	Name: fly_geo Value: {"countryCode": "de"}
www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices	1969-12-31 23:59:59	Name: techrepublic_ad_ftag Value: TRE684d531
.techrepublic.com/	1970-01-19 19:38:15	Name: utag_main Value: v_id:017337383514007cfc6a78d638c00007800c907000b08$_sn:1$_se:1$_ss:1$_st:1594361097300$ses_id:1594359297300%3Bexp-session$_pn:1%3Bexp-session$linktag:undefined%3Bexp-session
www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices	1969-12-31 23:59:59	Name: techrepublic_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22uk%22%2C%22subses%22%3A%222%22%2C%22session%22%3A%22c%22%7D
www.techrepublic.com/	1969-12-31 23:59:59	Name: viewGuid Value: 8c4466b3-ada9-4df5-a58d-2d9183c2067b
.techrepublic.com/	1969-12-31 23:59:59	Name: prevPageType Value: article
www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices	1970-01-19 10:54:00	Name: pv Value: 1
www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices	1969-12-31 23:59:59	Name: _BB.bs Value: \|
.techrepublic.com/	1970-01-19 11:35:51	Name: techrepublicSessionCount Value: 1
www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices	1969-12-31 23:59:59	Name: _BB.d Value: \|\|\|

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 415) Message: Found registered service worker: [object ServiceWorkerRegistration]
console-api	info	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 401) Message: Registration of service worker /service-worker.js successful with scope:https://www.techrepublic.com/
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 120) Message: Loading iframes
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 254) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat performance
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 254) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js(Line 70) Message: ---- [GLOBAL]: Pending
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js(Line 70) Message: ---- [COOKIE STRING]: OptanonConsent=isIABGlobal=false&datestamp=Fri+Jul+10+2020+07:34:57+GMT+0200+(Central+European+Summer+Time)&version=6.1.0&consentId=aca79ddc-98a7-4d46-9f19-bf06c34e42a4&interactionCount=0&landingPath=https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787&groups=1:1,2:0,3:0,4:0,5:0&hosts=&legInt=
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js(Line 70) Message: ---- [GROUP LIST]: 1,0,0,0,0
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js(Line 206) Message: New DW cookie set, exec sitecat
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/techrepublicsite/prod/utag.js(Line 213) Message: ---- [DELAYED TAGS] Canceling fire due to "Pending" global value
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 254) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa targeting
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 254) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 254) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa targeting
console-api	log	(Line 72) Message: blank creative loaded: 138239468890 (5 x 5, pos=nav, slot=nav-ad)
console-api	log	(Line 72) Message: blank creative loaded: 138239368367 (641 x 321, pos=top, slot=inpage-video-top)
console-api	log	(Line 72) Message: blank creative loaded: 138239321463 (300 x 250, pos=bottom, slot=mpu-bottom)
console-api	log	(Line 72) Message: blank creative loaded: 138239447335 (728 x 90, pos=bottom, slot=leader-bottom)
console-api	info	URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2006300332000 https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
console-api	info	URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2006300332000 https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
console-api	info	URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2006300332000 https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
console-api	info	URL: https://cdn.ampproject.org/rtv/012006300332000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2006300332000 https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787
console-api	log	URL: https://www.techrepublic.com/article/joker-billing-fraud-malware-eluded-google-play-security-to-infect-android-devices/?ftag=TRE684d531&bhid=29410119137553895019503475980351&mid=12919988&cid=2276723787(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247245952
console-api	log	(Line 72) Message: blank creative loaded: 138239468731 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 72) Message: blank creative loaded: 138239375180 (372 x 142, pos=, slot=dynamic_showcase__1)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .techrepublic.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval'; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28135b6b4edfdc2066177db53e9bcd71.safeframe.googlesyndication.com
684dd30b.akstat.io
685d5b1b.akstat.io
adservice.google.com
adservice.google.de
adservice.google.fr
at.cbsi.com
bam.nr-data.net
c.go-mpulse.net
cdn.ampproject.org
cdn.cookielaw.org
confiant-integrations.global.ssl.fastly.net
csi.gstatic.com
ddd9ec815e4c46b8b477710e43fde3bf.safeframe.googlesyndication.com
dw.cbsi.com
enews.techrepublic.com
fiaqj6abeejrukqce3ygyaaaabpqp7qc-p6o6me-5bda826b0-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
kjtbe4si66zawxyh7yba-p6o6me-2205e497b-clientnsv4-s.akamaihd.net
pagead2.googlesyndication.com
production-cmp.isgprivacy.cbsi.com
px.moatads.com
rev.cbsi.com
securepubads.g.doubleclick.net
tags.tiqcdn.com
tpc.googlesyndication.com
tr1.cbsistatic.com
tr2.cbsistatic.com
tr3.cbsistatic.com
tr4.cbsistatic.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.techrepublic.com
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.techrepublic.com
z.moatads.com
at.cbsi.com
104.108.48.175
104.109.77.38
151.101.113.194
151.101.114.110
162.247.242.19
172.217.23.162
172.217.7.99
2.21.38.40
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b844
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:808::2001
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2002
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
2a04:4e42:1b::444
2a04:4e42:1b::645
34.102.213.242
52.16.26.2
52.32.196.103
64.30.230.22
72.247.178.11
72.247.178.19
0073631e3f8f4d541c240211c371d3321edcd5c8616e2e4f29b0afef6c0fddf8
01661dcf90320349d7840dc112cf2ecb26e62318265d548e7c8655097c26d2b0
03bfd468751391fe89b0d297f94a7ddafbdc2dbb5064a6fd70cc49a82390da51
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0919fc027e18a6e553180a7e7e9b814c1850a60c621ab42105cd70d26254b8f5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
161fe98735c6cc12d686fc19f89c2d02b2eebae4338c676bf6373c58297cdcf4
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
190c76b7dfa194f92a1cf47e3cbee1f291554f583d9e21e31b79af0f9a9b34b6
1abc95d2457155c342ec456a00f57ce4a9cef92be5f4805c51cd8fb00d2cead0
1bae1e79b560e19de202e735d0a0c106a95146d2bcb8dac1433b824615ad2823
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1c8e402301674e3e8ea1af68c5fa9f91f6d9f5c5dea380498659bad92ce77df0
1d26dc3f0c90eef0ebd7d3f3c0d7870af6bff2b9bbe28db2b91335ae9415f23b
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
1f6ac5515ac9609bec71a343414149b638f3408a806216984c66d2666934daaa
225991462222110d933f2d36043f354bf36c05875b57b8dc5f932038edff857b
227d46d5d0e9b02acf34ae5a64f5838370cd16503ee5d367a36792d3f02316fc
2a1c546b39464ab27a76dd1fdf626eac6da4d2fe2530d1055cf01a77a3555b43
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2c3330d2774f089f33edb37170c77ef64b236b2f6e00e472b1422a8225eaf18f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a
39582802ae719b7643253ccd2cb591cf7af829810d8e4254285a2c1754ad6309
471abea631568fd59cbf5fbe22cded0219d15116e27c8faf8f6900412d5437c1
484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf
4ca1a818d5802021ac0fb5f68526dadfdf5492d53875c113aafb7a5f981f3c69
4d26c477e03a9c22d8eb528e18f5c11b69dcb3c9c0f3b517f2da03ae97c46bf6
52ef2bd3d89ddb5b3cd3f8c0909aa9db339457a3ff3a6f2bb6a5832b40af8f6e
5524877399f08e3ceb414d49d02e1bdbe435b562964181a354634ca02d7642db
572dddc75aa1e04f4be523bd2fea4509c9125c31bfe44809e681c42114047e55
57f3f0379ec83f9bed92275bbd303a4eb7eb67a7d6b10599183695173c41a3ec
588cac589fa007ea48c7954fcfde382c9c6de0169c1158fc8ae744f800c25c5d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d45fb6c0eedd16bd124f45a8c859b897127b0ed663387e7d07009f2eaec2b16
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6397700e63543c0ccfacccf43c655892094aca94cf93587a9c7120f8eb9b9936
653464ba8e48328a4089169a07b808e076c008f001d029bd8151f0cbff71b512
6540d56fd6180a6d3f1346781e0311261b40a7de2b9fea215a8825517b40ddc7
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6748014269b949fbdc4472d00d418c8ab26b36aaa0d36e34d2fb773cffe94dab
6ae72114eeec47dbee9026f467df8a42fd1b6d58d4a7328d3678b6255e63fb82
6d175b3cd7b7cf1c633fe5c90107f6a2444c4d764e34622d444c1dedfa901b77
70c7abf6a00d9a1e7de179920643da04a08375e0f85121a9bed54bd198492fc2
71631382cdb89a4eb7a405ff83c871267ec5708da4515d0ed1508f0f9103c895
72146d7bec0dbe1aeb3d8b29ff7352939200e2309a80af732bf2d9cd2f8c7dca
7dd1319f443c7139e7c60a4f22f49acc675bc8ad0a1cc9d8884c823bfeb079f0
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
88fd051c48a1844ab1f7f7aa4f9cbea14e4b94c9250f118cf2d370d387dc37bd
89bed39d704b053ce1d89b30eddc2c826c544e702c15de25a1e9ab03812c9450
8bf1a22caad79e75e58be376fee15825e45af73505c5589722f7883d41035aca
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9ba6f8c1d66cfce60bd321a6335a81a703c4c84c4ffb75b98662281968f827b8
a0e0ea6c495ef5a44d853783c31b1b1f1ada6fa54df27cab850f587fd15eca6b
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a72aa163f673b0228fbee4e556096cbafa4f5c2fe68ec2080c30fff8daf3f6cb
a84cf74b7366809def61995cb21c8b04feb257ba760c71e72f8d324a4e89fdac
a900272a359e408b6d95dc61ed3ce2920822e763766b204b89950ce53226c0f9
abc5312afb9fd731268eae611e7cff62d567ec02f26723e87538f28aadd8ea03
acd68801773b43322277675295779905b9b427c17cbcfd7b300fb4b6402786be
af1a741fc9062193a8e573fe300349234ee37608a9d4b55c0fddcf84da81e095
b68d61de8571012250b06877ff8e50ca37e67f932c8a2e8a20a5bf6752e7db0d
bc6fff8a72a1842c55fbc0b04071707e301440cf81ec7c0885c43102dac7fc3e
c29113e94fe012ef7212d13a268276ef7ef9b24231ece07fd7f3293181895586
c320940678c0fc6a324e935d151586b47aed7ca5f099ffe81925ecf6b0612bf9
c3a24ee554eac3f45e56c23dbd2c6a00823b4f98fff5cd252715d1f818142dad
cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0371fe0255b9d27d6e69a064da44e538edf8c264a9cd71de03bcac4d54640cc
d05c36f2fc68e5cdd1c1c186ec4ea02209501e1c563f5b11b91fb6d09e7deb6c
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
dc9ac17c23561c48a9652733554ce63f0126a0218b21d56059ba4327ee1fa4ee
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e443d52b0e459fe460d4032db647790367f45254e45aca021efa183e9e523a4d
e84303e9c0454f20c7f8d48347160cdf844b4612ab6d017c75d40aad4bae6e43
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
edaab4d4a6fcca292723f2f96300dc5ace4c046680d6007378d7f2998470cddd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e1337fec74797d3e26b7c1b7768c29cac519b649aeda966198d0d4f94942ba
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f97f3601c96e204f96d414a803aaf09390f2291c8381ca6fef34eb3d76aa3194
fa7f20155491ad05b1ee7592ba0eca48aa60757cd3dc82b36507166fb4c84455
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

www.techrepublic.com Open in urlscan Pro 2a04:4e42:1b::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

99 %HTTPS

55 %IPv6

23 Domains

43 Subdomains

28 IPs

6 Countries

3751 kBTransfer

10736 kBSize

19 Cookies

33 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.techrepublic.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

99 %
HTTPS

55 %
IPv6

23
Domains

43
Subdomains

28
IPs

6
Countries

3751 kB
Transfer

10736 kB
Size

19
Cookies

197 HTTP transactions
12 data transactions