www.androidpolice.com Open in urlscan Pro
44.196.161.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.androidpolice.com/hackers-vlc-malware/
Submission: On April 11 via api (April 11th 2022, 9:45:17 pm UTC) from US — Scanned from DE

Summary HTTP 206 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 78 IPs in 12 countries across 60 domains to perform 206 HTTP transactions. The main IP is 44.196.161.176, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.androidpolice.com. The Cisco Umbrella rank of the primary domain is 137569.
TLS certificate: Issued by R3 on April 6th 2022. Valid for: 3 months.

This is the only time www.androidpolice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	44.196.161.176 44.196.161.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::ac43:25e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:ba39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.7.88 65.9.7.88	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
19	2600:9000:205... 2600:9000:2057:ac00:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
4	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.7.89 65.9.7.89	16509 (AMAZON-02) (AMAZON-02)
6	35.186.249.84 35.186.249.84	15169 (GOOGLE) (GOOGLE)
2	54.71.86.183 54.71.86.183	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	65.9.66.173 65.9.66.173	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:27::... 2620:1ec:27::cafe:1774	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	34.209.98.169 34.209.98.169	16509 (AMAZON-02) (AMAZON-02)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.4.40 99.86.4.40	16509 (AMAZON-02) (AMAZON-02)
1	23.206.210.112 23.206.210.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.85.185.37 35.85.185.37	16509 (AMAZON-02) (AMAZON-02)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
6	52.7.229.166 52.7.229.166	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:206... 2600:9000:206f:de00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.36.66.109 52.36.66.109	16509 (AMAZON-02) (AMAZON-02)
4 4	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	44.236.132.100 44.236.132.100	16509 (AMAZON-02) (AMAZON-02)
4 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 11	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
9	83.229.84.43 83.229.84.43	204548 (CLOUDWEBM...) (CLOUDWEBMANAGE-IL-FR)
2	18.194.211.85 18.194.211.85	16509 (AMAZON-02) (AMAZON-02)
1 1	23.88.75.188 23.88.75.188	24940 (HETZNER-AS) (HETZNER-AS)
3 3	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.202.34 143.204.202.34	16509 (AMAZON-02) (AMAZON-02)
2	34.120.117.212 34.120.117.212	15169 (GOOGLE) (GOOGLE)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
1	3.124.87.92 3.124.87.92	16509 (AMAZON-02) (AMAZON-02)
1	52.57.177.81 52.57.177.81	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
9	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
3	2600:9000:206... 2600:9000:206f:8400:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.160.251.62 35.160.251.62	16509 (AMAZON-02) (AMAZON-02)
2	18.209.251.242 18.209.251.242	14618 (AMAZON-AES) (AMAZON-AES)
1 11	3.127.195.44 3.127.195.44	16509 (AMAZON-02) (AMAZON-02)
1 1	62.209.227.211 62.209.227.211	13036 (TMOBILE-) (TMOBILE-)
1	2606:4700:303... 2606:4700:3034::6815:4466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	185.33.220.217 185.33.220.217	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2 2	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 2	54.154.13.151 54.154.13.151	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3601:2d23:8be0:67ab:2c3	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.46.154.242 52.46.154.242	() ()
1 1	70.42.32.95 70.42.32.95	() ()
1	185.64.190.81 185.64.190.81	() ()
206	78

12 44.196.161.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-161-176.compute-1.amazonaws.com

www.androidpolice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:25e7 (United States)

ASN13335 (CLOUDFLARENET, US)

static1.anpoimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ba39 (United States)

ASN13335 (CLOUDFLARENET, US)

f.convertkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.convertkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.7.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-88.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2057:ac00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

androidpolice.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-89.fra56.r.cloudfront.net

static.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.249.186.35.bc.googleusercontent.com

scarfsmash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.71.86.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-86-183.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.66.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-173.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1774 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.209.98.169 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-98-169.us-west-2.compute.amazonaws.com

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-40.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.85.185.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-185-37.us-west-2.compute.amazonaws.com

id.halo.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.7.229.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-229-166.compute-1.amazonaws.com

events.release.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.66.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-66-109.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.243 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.236.132.100 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-132-100.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (Utrecht, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 83.229.84.43 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.211.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-211-85.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.188 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-34.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.87.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-87-92.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.177.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-177-81.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:8400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.251.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-251-62.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.251.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-251-242.compute-1.amazonaws.com

api.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.127.195.44 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.211 (Brno, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.217 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (Monrovia, United States) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.83.225 (Beauharnois, Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.13.151 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-13-151.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:2d23:8be0:67ab:2c3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.154.242 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (None, ) 1 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	primis.tech live.primis.tech — Cisco Umbrella Rank: 2980 video.primis.tech — Cisco Umbrella Rank: 5969	3 MB
19	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 898 ads.pubmatic.com — Cisco Umbrella Rank: 461 hbopenbid.pubmatic.com Failed image6.pubmatic.com — Cisco Umbrella Rank: 622 simage2.pubmatic.com — Cisco Umbrella Rank: 620 image4.pubmatic.com — Cisco Umbrella Rank: 880 simage4.pubmatic.com	40 KB
16	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 4688 seg.ad.gt — Cisco Umbrella Rank: 10673 id.halo.ad.gt — Cisco Umbrella Rank: 5894 p.ad.gt — Cisco Umbrella Rank: 5334 ids.ad.gt — Cisco Umbrella Rank: 4265 pixels.ad.gt — Cisco Umbrella Rank: 5222	25 KB
15	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	133 KB
14	adscale.de 1 redirects js.adscale.de — Cisco Umbrella Rank: 7114 ih.adscale.de — Cisco Umbrella Rank: 5512	15 KB
12	androidpolice.com www.androidpolice.com — Cisco Umbrella Rank: 137569	272 KB
10	adtarget.com.tr s.console.adtarget.com.tr — Cisco Umbrella Rank: 5421 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5813	5 KB
9	narrativ.com static.narrativ.com — Cisco Umbrella Rank: 8085 events.release.narrativ.com — Cisco Umbrella Rank: 8012 api.narrativ.com — Cisco Umbrella Rank: 33943	42 KB
9	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2989 r.skimresources.com — Cisco Umbrella Rank: 2852 t.skimresources.com — Cisco Umbrella Rank: 3002 p.skimresources.com — Cisco Umbrella Rank: 4088 ls.skimresources.com — Cisco Umbrella Rank: 9130	17 KB
8	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 400 tlx.3lift.com — Cisco Umbrella Rank: 569	4 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 302 s.amazon-adsystem.com	81 KB
6	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 675 pixel.rubiconproject.com — Cisco Umbrella Rank: 350 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1106 eus.rubiconproject.com — Cisco Umbrella Rank: 567	12 KB
6	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1219 j.clarity.ms — Cisco Umbrella Rank: 2127	24 KB
6	scarfsmash.com scarfsmash.com — Cisco Umbrella Rank: 154284	219 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	22 KB
5	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	2 KB
5	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 438 adscale-emea.adnxs.com — Cisco Umbrella Rank: 17343 ib.adnxs.com — Cisco Umbrella Rank: 248	5 KB
4	disqus.com androidpolice.disqus.com — Cisco Umbrella Rank: 305022	6 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2962	1 KB
3	adform.net 1 redirects cm.adform.net — Cisco Umbrella Rank: 2148 c1.adform.net — Cisco Umbrella Rank: 577	1 KB
3	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1137 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556 ssum.casalemedia.com — Cisco Umbrella Rank: 1353	3 KB
3	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 531 search.spotxchange.com — Cisco Umbrella Rank: 426	2 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1459	84 KB
3	convertkit.com f.convertkit.com — Cisco Umbrella Rank: 15724 app.convertkit.com — Cisco Umbrella Rank: 16563	14 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1718 mwzeom.zeotap.com — Cisco Umbrella Rank: 1566	901 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 662	902 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5130	637 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 445	1 KB
2	m6r.eu 2 redirects tracking.m6r.eu — Cisco Umbrella Rank: 12948	1 KB
2	criteo.com 2 redirects dis.criteo.com — Cisco Umbrella Rank: 706	966 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 677	721 B
2	gstatic.com fonts.gstatic.com	45 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 289	440 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 542	814 B
2	google.de ampcid.google.de — Cisco Umbrella Rank: 46741 www.google.de — Cisco Umbrella Rank: 5383	966 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 897	2 KB
2	google.com ampcid.google.com — Cisco Umbrella Rank: 1782 www.google.com — Cisco Umbrella Rank: 4	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	125 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2749 p1.parsely.com — Cisco Umbrella Rank: 2214	26 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	161 KB
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 234	594 B
1	linkedin.com px.ads.linkedin.com	707 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 423	535 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 825	610 B
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 101868	1 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 18336	550 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1433	594 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 985	243 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 709	305 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 656	231 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 578	423 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 565	482 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1681	11 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1654	17 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1312	36 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	28 KB
1	anpoimages.com static1.anpoimages.com — Cisco Umbrella Rank: 167405	704 KB
206	60

	Domain	Requested by
19	live.primis.tech	www.androidpolice.com live.primis.tech tagan.adlightning.com
12	www.androidpolice.com	www.androidpolice.com
11	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
11	cm.g.doubleclick.net	7 redirects www.androidpolice.com eb2.3lift.com
9	sync.console.adtarget.com.tr	s.console.adtarget.com.tr js.adscale.de ads.pubmatic.com
9	video.primis.tech	www.androidpolice.com live.primis.tech
8	ids.ad.gt	1 redirects www.androidpolice.com
7	eb2.3lift.com	4 redirects live.primis.tech eb2.3lift.com
7	image2.pubmatic.com	2 redirects ads.pubmatic.com s.console.adtarget.com.tr
6	events.release.narrativ.com	static.narrativ.com tagan.adlightning.com www.androidpolice.com
6	scarfsmash.com	www.androidpolice.com scarfsmash.com
6	www.google-analytics.com	www.androidpolice.com www.googletagmanager.com www.google-analytics.com
5	match.adsrvr.org	4 redirects eb2.3lift.com
5	j.clarity.ms	www.clarity.ms j.clarity.ms
5	c.amazon-adsystem.com	www.androidpolice.com c.amazon-adsystem.com live.primis.tech
4	simage2.pubmatic.com	ads.pubmatic.com s.console.adtarget.com.tr
4	ads.pubmatic.com	tagan.adlightning.com s.console.adtarget.com.tr live.primis.tech
4	androidpolice.disqus.com	www.androidpolice.com tagan.adlightning.com
3	pixel.onaudience.com	3 redirects
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	secure.adnxs.com	3 redirects
3	t.skimresources.com	www.androidpolice.com s.skimresources.com
3	tagan.adlightning.com	www.androidpolice.com tagan.adlightning.com
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	eus.rubiconproject.com	live.primis.tech eus.rubiconproject.com
2	sync.crwdcntrl.net	2 redirects
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	tracking.m6r.eu	2 redirects
2	dis.criteo.com	2 redirects
2	app.convertkit.com	f.convertkit.com
2	api.narrativ.com	static.narrativ.com
2	image6.pubmatic.com	ads.pubmatic.com
2	creativecdn.com	2 redirects
2	c2shb.pubgw.yahoo.com	live.primis.tech
2	ls.skimresources.com	s.skimresources.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ssum-sec.casalemedia.com	2 redirects
2	x.bidswitch.net	www.androidpolice.com eb2.3lift.com
2	sync.search.spotxchange.com	2 redirects
2	fonts.googleapis.com	tagan.adlightning.com
2	sync.1rx.io	2 redirects
2	token.rubiconproject.com	www.androidpolice.com eus.rubiconproject.com
2	p.skimresources.com	www.androidpolice.com
2	id.halo.ad.gt	www.androidpolice.com a.ad.gt
2	seg.ad.gt	www.androidpolice.com p.ad.gt
2	unpkg.com	1 redirects www.androidpolice.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	a.ad.gt	www.androidpolice.com p.ad.gt
2	www.googletagmanager.com	www.androidpolice.com www.googletagmanager.com
2	pagead2.googlesyndication.com	www.androidpolice.com pagead2.googlesyndication.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	pixel.quantserve.com	1 redirects
1	ib.adnxs.com	1 redirects
1	um.simpli.fi	s.console.adtarget.com.tr
1	mwzeom.zeotap.com	s.console.adtarget.com.tr
1	spl.zeotap.com	1 redirects
1	image4.pubmatic.com	s.console.adtarget.com.tr
1	adscale-emea.adnxs.com	1 redirects
1	ssum.casalemedia.com	1 redirects
1	images.getadmiral.com	www.androidpolice.com
1	bbnaut.ibillboard.com	1 redirects
1	pixels.ad.gt	tagan.adlightning.com
1	cm.adform.net	s.console.adtarget.com.tr
1	www.google.de	www.androidpolice.com
1	www.google.com	www.androidpolice.com
1	prebid-server.rubiconproject.com	live.primis.tech
1	tlx.3lift.com	live.primis.tech
1	search.spotxchange.com	live.primis.tech
1	geo.privacymanager.io	ats.rlcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.rubiconproject.com	www.androidpolice.com
1	csync.loopme.me	1 redirects
1	s.console.adtarget.com.tr	tagan.adlightning.com
1	u.openx.net	tagan.adlightning.com
1	trc.taboola.com	www.androidpolice.com
1	bh.contextweb.com	1 redirects
1	p.ad.gt	a.ad.gt
1	static.adsafeprotected.com	www.androidpolice.com
1	r.skimresources.com	s.skimresources.com
1	cdn.id5-sync.com	www.androidpolice.com
1	secure.cdn.fastclick.net	www.androidpolice.com
1	ats.rlcdn.com	www.androidpolice.com
1	ampcid.google.de	www.google-analytics.com
1	p1.parsely.com	www.androidpolice.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.clarity.ms	www.androidpolice.com
1	ampcid.google.com	www.google-analytics.com
1	www.googletagservices.com	www.androidpolice.com
1	static.narrativ.com	www.androidpolice.com
1	cdn.parsely.com	www.androidpolice.com
1	s.skimresources.com	www.androidpolice.com
1	f.convertkit.com	www.androidpolice.com
1	static1.anpoimages.com	www.androidpolice.com
0	hbopenbid.pubmatic.com Failed	live.primis.tech
206	100

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
twitter.com
news.google.com
feedly.com
www.pushbullet.com
www.linkedin.com
symantec-enterprise-blogs.security.com
www.instagram.com
stevehuff.substack.com
getadmiral.com

Subject Issuer	Validity	Valid
androidpolice.com R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.anpoimages.com E1	`2022-04-04` - `2022-07-03`	3 months	crt.sh
convertkit.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.primis.tech Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
static.narrativ.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
scarfsmash.com R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
halo.ad.gt Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.release.narrativ.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
primis.tech Go Daddy Secure Certificate Authority - G2	`2021-10-29` - `2022-06-18`	8 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sync.console.adtarget.com.tr R3	`2022-03-28` - `2022-06-26`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
api.planethowl.com Amazon	`2022-03-03` - `2023-04-01`	a year	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.androidpolice.com/hackers-vlc-malware/
Frame ID: 8CA9EDE4CB666D363646F117FDD080F4
Requests: 111 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: AB4CC293190AA1AE9675057160345061
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: CF945F870630D8C80AFB6DCF8864C037
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9348496137326374
Frame ID: B0A9FDE1C997343C257BD3EFFF58E929
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: F6D42F2A2611B5C6D0A9A496915483C8
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=94&advUuid=a85ecac0-b9e0-11ec-ac43-13ae17dc0506
Frame ID: D79CB4941D13637E9D3E45915DD36B1C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 0A7B7A273689BE58B7D149333E3CF9D3
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 04CEB2812FCBAFAFBAA1C730241B3AAD
Requests: 4 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: F476055169B21C288B920E299C880EF0
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: D36733EDD19D321514E5D32B215992B4
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 96829A741ECB0F202D03AE2379F89541
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: A3ED7F952EC7DE8487C59A6E4777C316
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 8D9F8A114A0F1E5E853C4BC660B59B10
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 91D1F7D5212F0FA54AC6127F11E978DA
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=MOGMityV0UCAEO88XOL0&pi=admatic&tc=1
Frame ID: 2495DDF9DDF0CFE0BB41C33AD81F7229
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Frame ID: 47F0E09C6D3F4BAE52EE80AD475F1DEA
Requests: 13 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 862D8B179230C51A484E5D33797C038B
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=55E95DC9-9D85-42AE-85D5-50AA354A59DB
Frame ID: 6B48AD1F7DF0FCE4CE23191B822C83B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=
Frame ID: A8D6F08D6AF47E6AC59369A61FA2DE8C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6579280529943216144
Frame ID: E1A9EF5306836DA0C014B9A867773D48
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 485FB8A47A1966E0EBEEA63DC9FAD7F7
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307406&extuid=${UID}55E95DC9-9D85-42AE-85D5-50AA354A59DB
Frame ID: D6D9E7B31C716278697355ADB93BFEA0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: E02A09377EF548FA4FBA6D2C01B244AE
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&
Frame ID: D62DD3E99D1216579DF25A271C8E85C8
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: E2C96868AE28866FB7B35B17341D77CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chinese hackers are using VLC media player to launch malware attacksuser-signalchecklistsettings-toggle-horizontal

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

206
Requests

82 %
HTTPS

28 %
IPv6

60
Domains

100
Subdomains

78
IPs

12
Countries

4971 kB
Transfer

8999 kB
Size

111
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/AndroidPolice

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AndroidPolice

Search URL Search Domain Scan URL

URL: https://twitter.com/AndroidPolice

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBggKMLuYFDDSzAI

Search URL Search Domain Scan URL

URL: https://feedly.com/i/subscription/feed%2Fhttps://www.androidpolice.com/feed

Search URL Search Domain Scan URL

URL: https://www.pushbullet.com/channel-popup?tag=androidpolicefeed

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F%2F&src=sdkpreparse
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&title=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&source=www.androidpolice.com&summary=The%20likely%20state-sponsored%20hacks%20began%20in%202021
Title: Share

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-china-ngo-government-attacks
Title: Symantec's cybersecurity experts

Search URL Search Domain Scan URL

URL: https://twitter.com/SteveHuff

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stevenhuff/

Search URL Search Domain Scan URL

URL: https://stevehuff.substack.com/

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.androidpolice.com&utm_medium=pb&session=5-8fe180aea6529c68b9f04ae8e69ee082-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 68

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&adnxs_id=3830264896767608717

Request Chain 69

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=e0f06328-7540-4457-a8f4-8475c932f669&id=AU1D-0100-001649713510-UF6WEURI-IQ2L

Request Chain 70

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=55E95DC9-9D85-42AE-85D5-50AA354A59DB&id=AU1D-0100-001649713510-UF6WEURI-IQ2L

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001649713510-UF6WEURI-IQ2L&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&google_gid=CAESEOSI1pnfTUoukiVbHn-_HqU&google_cver=1&google_ula=450542624,0

Request Chain 72

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0OTcxMzUxMC1VRjZXRVVSSS1JUTJM

Request Chain 73

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001649713510-UF6WEURI-IQ2L HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=6uJ9TL0tq39N&ev=1&pid=562316&id=AU1D-0100-001649713510-UF6WEURI-IQ2L

Request Chain 76

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L%26unruly_id%3D%5BRX_UUID%5D&cb=1649713508977 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&unruly_id=OPTOUT

Request Chain 81

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a85ecb27-b9e0-11ec-ac43-13ae17dc0506 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=94&advUuid=a85ecac0-b9e0-11ec-ac43-13ae17dc0506

Request Chain 88

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=93&advUuid=56ef3d78-d1ee-4c99-9879-81b67e91cf8d

Request Chain 89

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=99&advUuid=YlShZUalbMAnFbULSDv0jAAABIYAAAIB

Request Chain 90

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1398871617316515942189&advId=121&advUuid=1398871617316515942189

Request Chain 92

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=105&advUuid=3830264896767608717

Request Chain 121

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=MOGMityV0UCAEO88XOL0&pi=admatic&tc=1

Request Chain 139

https://ih.adscale.de/uu?cbfn=receive&t=1649713510 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1649713510&nut&uu=471124476dd4488dba62d58d410661f7

Request Chain 146

https://bbnaut.ibillboard.com/match/AdScale?partneruid=471124476dd4488dba62d58d410661f7&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=101&tpuid=BBID-01-03244275096888590-16574040

Request Chain 151

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=d557dd87ffcd2ff46aba654ab100bc469a505f7d5c0db25ca874da6893cbc898&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlShZUalbMAnFbULSDv0jAAA%261158

Request Chain 152

https://track.adform.net/serving/cookie/match/?party=9&uid=9473e0ef8713540d69778b9ae66726bea6d20d007c16466d0a6f911560401721&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9473e0ef8713540d69778b9ae66726bea6d20d007c16466d0a6f911560401721&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=42&gdpr=0&tpuid=7664849246464647927

Request Chain 156

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=f98876f7aa576fe2d8655b20925236cd36c0a00cb09bc0de40329236bf153900&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4be83004-97ab-4dec-9333-7652f8fdc60e&gdpr=0

Request Chain 157

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=fc3742c302f2b7db6059b31fb8ceae2873c996836510af008217c494e08eedd8&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=ceaf9d276c63bcd1e20052d6aab212864ff48e0663f7c91862a3577b87c2e545&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?uid=ceaf9d276c63bcd1e20052d6aab212864ff48e0663f7c91862a3577b87c2e545&tpid=38&gdpr=0&tpuid=CAESEAxtaCaiFepxXTR8SFHOLc8&google_cver=1

Request Chain 168

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=75&tpuid=3830264896767608717&gdpr=0

Request Chain 169

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=468c5d976102c0d65f4930cb7eea4b09d8d9951cf03a836d54906c9b3380607f&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=468c5d976102c0d65f4930cb7eea4b09d8d9951cf03a836d54906c9b3380607f&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/js?tpid=48&tpuid=4c1282cb6039858166f45ece591b3909

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=

Request Chain 174

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6579280529943216144

Request Chain 175

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VeldyZ2FQq6F1VCqNUpZ2w%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 178

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c9296254-a167-4e00-9aa9-23c7f63c2156

Request Chain 179

https://pixel.onaudience.com/?partner=214&mapped=55E95DC9-9D85-42AE-85D5-50AA354A59DB HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=352ceb93d548178d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=352ceb93d548178d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=bc13dcc5f112ad6f592a4c30ae9cfcd8&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=e0f06328-7540-4457-a8f4-8475c932f669&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=352ceb93d548178d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=39d0c5a9-9b85-4bf5-7e12-6d86104992f0&reqId=eaa33123-ffc7-41e1-69d8-b55e35429f96&zcluid=352ceb93d548178d&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESELfP08LgdYE-ysEQ5OX10Lw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=39d0c5a9-9b85-4bf5-7e12-6d86104992f0&reqId=eaa33123-ffc7-41e1-69d8-b55e35429f96&zcluid=352ceb93d548178d&zdid=1332

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVFOTVEQzktOUQ4NS00MkFFLTg1RDUtNTBBQTM1NEE1OURC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGPQFYTFRdidO9ZawW0Yhvo&google_cver=1

Request Chain 183

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7664849246464647927

Request Chain 184

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0f06328-7540-4457-a8f4-8475c932f669

Request Chain 185

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3830264896767608717&gdpr=0&gdpr_consent=

Request Chain 186

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh

Request Chain 191

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D

Request Chain 193

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D

Request Chain 195

https://pr-bh.ybp.yahoo.com/sync/triplelift/1398871617316515942189?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-B6ZWa2dE2oSCa1kiHseOluour8y3hlRNEVo3OI9ezQ--~A&dongle=0883

Request Chain 198

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1398871617316515942189 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1398871617316515942189&dcc=t

Request Chain 199

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

206 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.androidpolice.com/hackers-vlc-malware/ 625 KB
130 KB 568ms
361ms Document
text/html 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6a8804158a5f56af60a232fa06013e913c22968bc0d44cf8c8a291358c8637e6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 21:45:07 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 VLC3Hero-01.png
static1.anpoimages.com/wordpress/wp-content/uploads/2020/09/23/ 703 KB
704 KB 78ms
30ms Image
image/webp 2606:4700:10::ac43:25e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.anpoimages.com/wordpress/wp-content/uploads/2020/09/23/VLC3Hero-01.png?q=50&fit=contain&w=1500&h=&dpr=1.5
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c969c534018935993ccb32e0057bb637ba4898ed5784b8a86302961e3f0e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
cf-cache-status: HIT
age: 53069
cf-polished: origFmt=png, origSize=1059989
content-disposition: inline; filename="VLC3Hero-01.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 720084
x-request-id: Nltfx7S7JOUFrzHNCdRWJ
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: 76f2409ecee6c7f9db703ebd3f6ce019bda6e8c84910626d39d7b4ab658b7ea3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa6e84f1cf9375f-MXP
expires: Tue, 11 Apr 2023 07:00:38 GMT

GET
H2 200 a-article.b4c2e531.css
www.androidpolice.com/public/build/ 199 KB
28 KB 155ms
155ms Stylesheet
text/css 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/a-article.b4c2e531.css

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0f25eef1f15c5be98d251cc8b60a3cdaf0bb23672d313c8a62dd2037bbb7488e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-31cd7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 dfp.js Show response
www.androidpolice.com/public/build/ 36 B
509 B 99ms
99ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/dfp.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-24"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 valnet-header-ads.a8e17398.js Show response
www.androidpolice.com/public/build/ 3 KB
1 KB 98ms
95ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/valnet-header-ads.a8e17398.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8b0d1446f412484a2a7d1abb46ddc5de128d8aaf11b1fe04ac729ee4830c5e5b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-afe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 ck.5.js Show response
f.convertkit.com/ckjs/ 52 KB
14 KB 114ms
51ms Script
application/javascript 2606:4700::6812:ba39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f.convertkit.com/ckjs/ck.5.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ba39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7b7fb37ec681a6a1bd507ce80613c7343fb3b394b29e21e7b11d6a6df933f68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 14:51:13 GMT
server: cloudflare
age: 6590
etag: W/"7f6a2b3f8f18a10fb2a520d097324cd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6fa6e850a90b3758-MXP
x-amz-request-id: DD056DB2ZP5SD96G
x-amz-id-2: tOTGhDZ7dqL34M37U4xDAV5HFZXgQe7vYabPgyM/uUTkccogvZmLARpTq1ZIJ3db5/300ULSgwc=
expires: Tue, 12 Apr 2022 01:45:07 GMT

GET
H2 200 adsninja.min.js Show response
www.androidpolice.com/public/build/ 48 KB
11 KB 100ms
97ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/adsninja.min.js?v=1647019562

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

05fde9258245fd1d1558ca071a747faedbd1a573c67e512d6b728cba8d6a37b8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-bf5d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/valnet/ 44 KB
19 KB 41ms
6ms Script
application/javascript 65.9.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/op.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0202e59060242c55972c39c482ccefb652b2be1f838b187a3a798fc265e1b2f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 5zVZj2SM9DC6pCB0eCnzcS09HkQIWl1s
content-encoding: gzip
etag: "7e08b099c2963ce732f206d6734ef498"
age: 3024
x-cache: Hit from cloudfront
content-length: 18612
x-amz-meta-git_commit: 7b120a5
last-modified: Sun, 10 Apr 2022 23:52:40 GMT
server: AmazonS3
date: Mon, 11 Apr 2022 20:54:44 GMT
content-type: application/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: PLXMDjwHXiOXN9g4kOGM5tZvMI-LtIrWU-vazu4BUu993mXkDBRYBQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 72ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc581e9f8209a6d552fdd853e8ed7b453779e5d8e571f78a5962e6bcfd7fecb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54038
x-xss-protection: 0
server: cafe
etag: 14914154073305385441
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 21:45:07 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 44 KB
44 KB 81ms
27ms Script
text/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 855ba186047446b87318c982a61bf91d72b12e17301277334e081445f3203edc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:07 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/javascript; charset=utf-8
x-amz-cf-id: ptyee67HoFJm1_a5iqVB_1AqJtyxjjsdjskmkXDu16kjLUHUl9zV3A==

GET
H2 200 valnet-footer.873d1235.js Show response
www.androidpolice.com/public/build/ 47 KB
14 KB 134ms
130ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/valnet-footer.873d1235.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

926952e0833e0acb9dd02fdbbe59bb8be77f8e7571aaedc900649b9513500e8b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-bb6a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 valnet-footer-article.2fb673ae.js Show response
www.androidpolice.com/public/build/ 5 KB
2 KB 101ms
98ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/valnet-footer-article.2fb673ae.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0f4020071f4d6fbd6e07ddb16daf4859441c7454a0c733b019f7cb1adc8f4d49

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-1457"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 85009X1537243.skimlinks.js Show response
s.skimresources.com/js/ 42 KB
15 KB 73ms
20ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3ffeed0ceb0e14dfa1f0bd0fa79520b976f0ef6644190e09a2a1520feb76322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:51:30 GMT
server: AmazonS3
x-amz-request-id: G4R78MZNR1XC8Q3J
etag: "8131ae354f9ba91af07374ab421be75a"
x-hw: 1649713507.cds288.lo4.hn,1649713507.cds281.lo4.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 15513
x-amz-id-2: ZojpMFp4xtdT+CXJoMtq2tXk6SfB74DiKbMipmL+COqhqVv5zjB7owS3GO3GB1UcvkpbF9IYzJQ=

GET
H/1.1 200
OK count.js Show response
androidpolice.disqus.com/ 1 KB
2 KB 35ms
6ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 260
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 11 Apr 2022 19:06:38 GMT
Server: nginx
ETag: "62547c3e-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: Ru_Vq-WyL-atLN-kAGhR0-KVytPL_WDKXW4uNSnyvvuIVKkPvCFqnA==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/androidpolice.com/ 71 KB
25 KB 33ms
6ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/androidpolice.com/p.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 624d529e0da6719af2df6d25615df0c3a7b2dd28c015a731dd0341f0600c5d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Apr 2022 08:04:06 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 18:37:39 GMT
server: nginx
age: 49415
etag: W/"623b68f3-11da1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: N2ROC5hEG2P7yC-grfTUzhSPenpgW1mfpO1qyNXyChf-A5re3wZ2fQ==
expires: Tue, 12 Apr 2022 08:01:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5276
date: Mon, 11 Apr 2022 20:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 11 Apr 2022 22:17:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
60 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQPCZ5S

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bafb239c4816cee20669f90a921942c19c74e161210b242369caab201f473fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60963
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 21:13:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Apr 2022 21:45:07 GMT

GET
H/1.1 200
OK narrativ-pub.1.0.0.js Show response
static.narrativ.com/tags/ 38 KB
39 KB 31ms
6ms Script
application/octet-stream 65.9.7.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-89.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2f1e02e54fe66adc0d5f1f06048c30bb7cdf2645b7e0fc48c881923868f5f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 16:39:29 GMT
Via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
Last-Modified: Wed, 30 Mar 2022 15:47:19 GMT
Server: AmazonS3
Age: 18338
ETag: "fa011ce702b3b9babaaf109dd7ad4d8f"
X-Cache: Hit from cloudfront
Content-Type: application/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Content-Length: 39413
X-Amz-Cf-Id: 1NV3t3eO4P-n2yul74kU6oOtZAl-K6T0rJycCk68fYfFWJjidOeAtQ==

GET
H2 200 v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg Show response
scarfsmash.com/ 526 KB
91 KB 66ms
29ms Script
text/javascript 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

4030095476183bad3ae6bddbf7a6d9e779b6923506604aa1ca0af24b75318e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "25476e55f20f05bbabd5d95bd48f44ca4035f9877e3051ee236daa67296aa9f8"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 11 Apr 2022 21:45:07 GMT
x-buildnumber: 505852149
timing-allow-origin: *

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 7 KB
7 KB 486ms
161ms Script
application/javascript 54.71.86.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.86.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-86-183.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ca69e85bfa33d67c2001304584f3896ea16134f79b1d07015a2c28634aeed06b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Apr 2022 21:45:08 GMT
cross-origin-resource-policy: cross-origin
server: nginx/1.18.0
content-length: 6855
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e7c4f1854029f0916985354a44fdd2d4bee70411ef19c60a61a58edd86b6e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28354
x-xss-protection: 0
server: sffe
etag: "1185 / 873 of 1000 / last-modified: 1649699941"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 11 Apr 2022 21:45:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 65ms
4ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: .7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 285
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0WDPA8TSHZX5HJ6FS7B2
date: Mon, 11 Apr 2022 21:40:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: jEPuiaujSklEqOpg9M3QV-dVHnNEyx4Taq3b2j3miSyfqG4-DXaZvA==

GET
H2 200 ap-logo-full-colored-dark.2a8945fa.svg
www.androidpolice.com/public/build/images/ 4 KB
2 KB 97ms
97ms Image
image/svg+xml 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.androidpolice.com/public/build/images/ap-logo-full-colored-dark.2a8945fa.svg

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0375b396ee741813158bda96fabc3295611b9ca67cd367aa31193cf80dacfe95

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-11de"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 Gilroy-Bold.3834bcd8.woff2
www.androidpolice.com/public/build/fonts/ 31 KB
31 KB 137ms
137ms Font
font/woff2 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/Gilroy-Bold.3834bcd8.woff2

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e8fd802ce5042d308a2d650c3db8f60b2bd3b884f34d6ceabe0631a3a9e226f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Origin: https://www.androidpolice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
x-content-type-options: nosniff
content-length: 31380
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62548c96-7a94"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 icomoon.6b793360.woff
www.androidpolice.com/public/build/fonts/ 18 KB
18 KB 136ms
136ms Font
font/woff 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/icomoon.6b793360.woff

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6378f6326c6b8ed5ba7c9dd71718f4acfab15effd24a9c83974e4e8ea473879e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Origin: https://www.androidpolice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
x-content-type-options: nosniff
content-length: 18096
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62548c96-46b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 Gilroy-Medium.0ba01f1d.woff2
www.androidpolice.com/public/build/fonts/ 30 KB
31 KB 121ms
121ms Font
font/woff2 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/Gilroy-Medium.0ba01f1d.woff2

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9115bbf3b3dee88764e74ecdf31c2234ece91aa42a596a1d3ba11925662777ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Origin: https://www.androidpolice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
x-content-type-options: nosniff
content-length: 31156
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62548c96-79b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AB4C 5 KB
5 KB 19ms
19ms Script
text/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 479f3efcd9820d350b21a3c82d42d88f0476e4ed7133607fb39c0e74c56efedf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/javascript; charset=utf-8
x-amz-cf-id: Vbp8sn4r75GqHLtb1QAwuMboy_Cae0Rkc32OzAqO8LAgfK0_htILcg==

GET
H2 200 pubads_impl_2022040701.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 28ms
6ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js?cb=31067023

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127673
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 08:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Apr 2023 15:15:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 329 B
797 B 36ms
15ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.androidpolice.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

7ea26c2e155afa821d8a157303a6dc302c9d1740b36ae5313f0ece87a60c1e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161
x-xss-protection: 0
expires: Mon, 11 Apr 2022 21:45:08 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
536 B 64ms
16ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.androidpolice.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQPCZ5S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bc36c57c9cdd5313b7a6c4e905fc0e2cfbcd7d622d357a09d9c7df78fe7d0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66755
x-xss-protection: 0
expires: Mon, 11 Apr 2022 21:45:08 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

4 KB
2 KB

57ms
56ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6982258
fly-request-id: 01FSX6K8KQ0M1CZM51NRTAA8C6
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fa6e852587a5a25-MXP

Redirect headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G0D8TZD859X622ZC277FJF74-cdg
server: cloudflare
age: 586
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fa6e851ae8c5a25-MXP
access-control-allow-origin: *

GET
H2 200 8uhibhcqnt Show response
www.clarity.ms/tag/ 665 B
1 KB 256ms
124ms Script
application/x-javascript 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8uhibhcqnt?ref=gtm2
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 077c8ecb8d6c0434c84a974bf662d9b37ab26e6f72dbf18da4628826e62eda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
x-powered-by: ASP.NET
x-azure-ref: 0ZKFUYgAAAABPU5mAU8n7SKyUrh17/7xDTElTMDFFREdFMDUxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 301 KB
108 KB 61ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8382598503519971&plah=www.androidpolice.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41fa7e8ffbcaa5ce69d951687de0cb45b8e98ea9473635a75615cf49d3b2ff1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110328
x-xss-protection: 0
server: cafe
etag: 1148290837941698068
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Apr 2022 21:45:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame CF94 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 17:28:43 GMT
etag: 14837630671339829333
expires: Mon, 25 Apr 2022 17:28:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 102ms
101ms XHR
application/json 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fwww.androidpolice.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d26722e46b6160f5002ed50941243b07040e2b9b84481688c7256d4fb742684d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1961
x-amz-cf-id: tg7NGf9xj-K5Rm_eJ7BPupQn97k9oU6W3HSOzsSRtR3rHQmUZhfWsQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 20ms
6ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 64587
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Mon, 11 Apr 2022 03:53:48 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: L_R8K3-eBKquM0_xGDqkvhOAJ9Bqzt1cxUrmODi6BM8OkmmIQAM3NA==

GET
H2 200 acv.json Show response
scarfsmash.com/ 210 KB
46 KB 37ms
16ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/acv.json

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Thu, 07 Apr 2022 18:24:06 GMT
x-datacenter: gce-europe-west1
date: Mon, 11 Apr 2022 21:45:08 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges: bytes

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame AB4C 19 KB
6 KB 16ms
16ms Script
application/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: RleNr6_zKmmvWcbxiYq-PVW_J17ksGZsKLtOOWjZiZOiGEo59BtoWg==
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame AB4C 9 KB
3 KB 17ms
16ms Script
application/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"6024fccc-228f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: 1JFjGnVH9nK7du70GaO0aA2Tudm7SHUPt6Au3rIJKErUQFW9YoS5Gw==
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame AB4C 8 KB
3 KB 17ms
16ms Script
application/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"6024fccc-1ef8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: r_oXWfjuSLk1hjVzdSd_79xex94nCfL_MDJPQmPh_3pq8LkPhvUJQw==
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame AB4C 258 KB
72 KB 26ms
25ms Script
application/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 12:48:36 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"623b1724-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: 7WY-d4DB7HppwU2bqaUBrFQUdUPL-hMm5gYCDTfiaB6cRD8JD_wygQ==
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 prebidVid.5.18.0_11.min.js Show response
live.primis.tech/content/prebid/ Frame AB4C 490 KB
147 KB 17ms
16ms Script
application/javascript 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dad17c7c62057440ce13ba42120968005b66d0d7125df6b3086e8588fded21e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 06:22:56 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"62415440-7a683"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: D701TFHeP8eZx08vXGPsFlM1_m6-3BApdlV686eqQBcxOIw-n94DFg==
expires: Tue, 11 Apr 2023 21:45:07 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame AB4C 532 KB
533 KB 45ms
44ms Script
text/html 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31325F30307D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A5549433867556C5243615842324E694176494445674C794276626D7835566A593D7D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A20%3A3c00%3A1012%3A17fe%3A2662%3A5f46&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6254a1640263d&debugInfo=16749991_ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1649713507&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e823594261a2f0c2fccb10873ce5fa0ced638a44793100a222c105e7dcb61823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:07 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Cgc7k6Khl7GlRLPZmBXo-KbsBEoMKNdqi7_ZL7EhlEHWtXtNNwi_GA==
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8

GET
H2 204 segments.js Show response
seg.ad.gt/api/v1/ 0
52 B 497ms
166ms Script
text/plain 34.209.98.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.98.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-98-169.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
server: nginx/1.20.0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 389ms
95ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1649713509622&plid=29096575&idsite=androidpolice.com&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&sref=&sts=1649713509617&slts=0&title=Chinese+hackers+are+using+VLC+media+player+to+launch+malware+attacks&date=Mon+Apr+11+2022+21%3A45%3A09+GMT%2B0000+(GMT)&action=pageview&pvid=5115376&u=pid%3D989a8ef4f0e83bbb604b6f74dcc7ded2
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:08 GMT
Cache-Control: no-cache
Last-Modified: Monday, 11-Apr-2022 21:45:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ap-logo-full-white.dcd167c8.svg
www.androidpolice.com/public/build/images/ 5 KB
2 KB 96ms
96ms Image
image/svg+xml 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.androidpolice.com/public/build/images/ap-logo-full-white.dcd167c8.svg

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

daac16a8dcbf772343d560088f23516e8235ab8c3450cae85cc1c61ad4aa6db2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Apr 2022 20:16:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62548c96-1262"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Tue, 11 Apr 2023 21:45:08 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
465 B 51ms
13ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.androidpolice.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
36 KB 32ms
6ms Script
application/x-javascript 99.86.4.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-40.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding: br
etag: W/"d03ceb6300ba5d767156d2d186bfc621"
age: 44463
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 229018ce14d22cf5d355aa4c24ac99ff
last-modified: Thu, 07 Apr 2022 09:05:05 GMT
server: AmazonS3
date: Mon, 11 Apr 2022 09:24:06 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: -Mc9rqCWq6Wpc5Ex7Knd03rR50h84KDhZzqgw5IwUJv1ZYWro_Oe7Q==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 63ms
13ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Mon, 11 Apr 2022 22:00:08 GMT

GET
H2 200 269 Show response
id.halo.ad.gt/api/v1/partner/ 6 KB
3 KB 486ms
159ms Script
text/javascript 35.85.185.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/partner/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.185.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-185-37.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4b3f9cfb0906d42c830920a7a3421e88209843ed315abea5069b32ccd2b23a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 51ms
16ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Mon, 11 Apr 2022 20:45:46 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 831422767

POST
H2 200 / Show response
r.skimresources.com/api/ 205 B
366 B 39ms
16ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

99d031fa1225eed152e62073f838ce174b9e7583a40da84447d037ea8cd4f58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame B0A9 0
102 B 43ms
21ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9348496137326374
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 52ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=2.5544494553531836
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 44ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=2.5544494553531836
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

OPTIONS
H2 200 /
events.release.narrativ.com/api/v0/publishers/2412/pub_info/ Frame 0
0 307ms
95ms Preflight
text/html 52.7.229.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/2412/pub_info/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-229-166.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-credentials,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.androidpolice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-credentials, x-requested-with
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.androidpolice.com
allow: GET, OPTIONS, HEAD
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 21:45:08 GMT
server: nginx/1.20.2
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
x-bam-build-version: 63c21d9982831d134ab44164cd70784f89423817
x-bam-env: release
x-robots-tag: none

GET
H2 200 / Show response
events.release.narrativ.com/api/v0/publishers/2412/pub_info/ 185 B
455 B 97ms
97ms XHR
application/json 52.7.229.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/2412/pub_info/

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-229-166.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

c16fe63d5e6c3d1acc9b2aedec440d98db4ebd7ea1bdfe9f26aab74e7be91a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/hackers-vlc-malware/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-bam-build-version: 63c21d9982831d134ab44164cd70784f89423817
date: Mon, 11 Apr 2022 21:45:08 GMT
server: nginx/1.20.2
x-bam-env: release
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none
content-length: 185

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 43ms
6ms Image
image/gif 2600:9000:206f:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
age: 21447034
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: ZaBatD4_WiwUvIiMJvL4KwYHbha4WoxfBLF04D-EDxoXMxrMeQvgnw==

GET
H2 200 b-7b120a5-0a477631.js Show response
tagan.adlightning.com/valnet/ 73 KB
28 KB 7ms
6ms Script
application/javascript 65.9.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/b-7b120a5-0a477631.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46e15ddd3f3583786961d72eb1a81b34bc9dad89240a461dcf02b43c6aa9e9c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 02:36:09 GMT
content-encoding: gzip
age: 2488140
x-cache: Hit from cloudfront
content-length: 28013
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 20:29:14 GMT
server: AmazonS3
etag: "4675e7fa49e7c0ac9234b8fdf094591d"
x-amz-version-id: 7LhAmE_DVksgARINqWh9rINHREPkIDVQ
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ExXUViFXePpRPPGDOtz88J7JqhiREoFlzRJSOrRMnPNFF--z2Jq89g==

GET
H2 200 bl-39123b0-3e0ad4d3.js Show response
tagan.adlightning.com/valnet/ 123 KB
38 KB 8ms
8ms Script
application/javascript 65.9.7.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/bl-39123b0-3e0ad4d3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97df5f65dd260a4cde3d8d42bb685542594a37623c00696ea2d4514231df5924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 23:54:43 GMT
content-encoding: gzip
age: 78626
x-cache: Hit from cloudfront
content-length: 38352
x-amz-meta-git_commit: 39123b0
last-modified: Sun, 10 Apr 2022 23:51:51 GMT
server: AmazonS3
etag: "dbb7c9efaa2212d680c4c5360465dfe3"
x-amz-version-id: heiiu9X9zgQ9s9PsomNHphGOLouCUElG
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: A5i9ZrNlUBfvlcRax2aPib_tO5bpuzNGM8NKHPiYKc7-91vfZuISrg==

GET
H/1.1 200
OK count-data.js Show response
androidpolice.disqus.com/ 1022 B
2 KB 120ms
119ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Fan-android-13-feature-has-already-made-its-way-into-android-12l%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Ffinal-fantasy-vii-the-first-soldier-starters-guide%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Ffitbit-follows-apple-watchs-lead-with-stroke-preventing-tech%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fgoogle-pet-scammers%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fhow-to-set-up-plex-server-nvidia-shield-tv%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fhow-to-use-custom-icon-packs-on-samsung-one-ui-4%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fipad-air-2022-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fiqoo-9-pro-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Flenovo-tab-p12-pro-review%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7bbb5b543aca3691cee2243154bf594fda1b9956128590613c078426b9ad0dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1022
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
androidpolice.disqus.com/ 1 KB
2 KB 136ms
114ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Flg-one-year-state-of-the-industry%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fmoto-g-stylus-2022-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fnetflix-two-thumbs-up-rating-system%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fnvidia-shield-pro-2019-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Foneplus-nord-ce-2-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fplay-store-hide-old-apps-api-security%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-galaxy-a53-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-one-ui-5-rumors%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-upgrades-expert-raw-camera-app-for-improved-low-light-performance%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsungs-lte-only-galaxy-a13-debuts-better-screen-more-cameras-50-off-deal%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f6fd75fb01de97b1b21c911ec58dc9295de5a9f2a524658accbb063b4aa1ef76

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:08 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Fastly-Original-Body-Size: 1147
Age: 0
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1147
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK count-data.js Show response
androidpolice.disqus.com/ 578 B
1 KB 120ms
98ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Funihertzs-next-phone-may-be-for-blackberry-5g-fans%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fvivo-x-fold-foldable-launch%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fweekend-poll-would-you-repair-or-fix-your-own-broken-smartphone%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fxiaomi-12-pro-review%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bb6522af7a20ae1bf996bd269370ff19e0f91b47a4f8fa500cde726918b24fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 292
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 578
X-XSS-Protection: 1; mode=block

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 29ms
14ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6Y5Q4PR4RC&gtm=2oe460&_p=1900887258&sr=1600x1200&_z=ccd.MCB&ul=en-us&cid=1417938177.1649713510&_s=1&dl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&dt=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&sid=1649713509&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1900887258&t=pageview&_s=1&dl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABEAQCAC~&jid=1940149120&gjid=147534196&cid=1417938177.1649713510&tid=UA-6275685-2&_gid=1176036198.1649713510&_r=1&_slc=1&cd1=1003197&cd2=steve-huff&cd3=&cd4=Applications&cd5=Applications&cd6=regular&cd7=0&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=1003197&cd15=steve-huff&cd16=&cd17=stephen-schenck&cd18=regular&cd19=all&cd20=false&cd21=0&cd22=false&cd23=native&cd24=desktop&cd25=217.64.151.7&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cd27=20-24&cd28=20220408&cd29=&cd30=news&cd31=Applications&cd32=%7CNews%7CApplications%7CVLC%7Chacking%7Cmalware%7C&cd33=N&cd34=showAds&cd35=false&cd36=content-all&cd38=software&cd39=News&cd40=Short-Term&z=1094211925

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 303ms
104ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8uhibhcqnt?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: br
etag: "1d84ac37b962954"
last-modified: Thu, 07 Apr 2022 21:07:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 269 Show response
p.ad.gt/api/v1/p/ 28 KB
9 KB 486ms
164ms Script
application/javascript 52.36.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/269?au_id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.66.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-66-109.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 918364a73caf4036df5be027775e42071b8ffc323a2211e205335ece8dde772c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 14:31:44 GMT
server: nginx/1.18.0
etag: W/"1649687504.0-28667-2713389681"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
expires: Tue, 12 Apr 2022 09:45:09 GMT

GET
H2 200 haloid Show response
id.halo.ad.gt/api/v1/ 6 KB
3 KB 159ms
159ms Script
text/javascript 35.85.185.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.185.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-185-37.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&adnxs_id=3830264896767608717

43 B
471 B

184ms
161ms

Image
image/gif

44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&adnxs_id=3830264896767608717
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:09 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:09 GMT
X-Proxy-Origin: 217.64.151.7; 217.64.151.7; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b3903699-08f3-42eb-84f4-d77e00fff4e4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&adnxs_id=3830264896767608717
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001649713510-UF6WEURI-IQ2L
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001649713510-UF6WEURI-IQ2L
https://ids.ad.gt/api/v1/t_match?tdid=e0f06328-7540-4457-a8f4-8475c932f669&id=AU1D-0100-001649713510-UF6WEURI-IQ2L

43 B
467 B

168ms
168ms

Image
image/gif

44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=e0f06328-7540-4457-a8f4-8475c932f669&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:09 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=e0f06328-7540-4457-a8f4-8475c932f669&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001649713510-UF6WEURI-IQ2L
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001649713510-UF6WEURI-IQ2L
https://ids.ad.gt/api/v1/pbm_match?pbm=55E95DC9-9D85-42AE-85D5-50AA354A59DB&id=AU1D-0100-001649713510-UF6WEURI-IQ2L

43 B
470 B

178ms
160ms

Image
image/gif

44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=55E95DC9-9D85-42AE-85D5-50AA354A59DB&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:09 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=55E95DC9-9D85-42AE-85D5-50AA354A59DB&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
date: Mon, 11 Apr 2022 21:45:08 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001649713510-UF6WEURI-IQ2L&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&google_gid=CAESEOSI1pnfTUoukiVbHn-_HqU&google_cver=1&google_ula=450542624,0

43 B
469 B

175ms
162ms

Image
image/gif

44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&google_gid=CAESEOSI1pnfTUoukiVbHn-_HqU&google_cver=1&google_ula=450542624,0
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:09 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&google_gid=CAESEOSI1pnfTUoukiVbHn-_HqU&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001649713510-UF6WEURI-IQ2L
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0OTcxMzUxMC1VRjZXRVVSSS1JUTJM

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0OTcxMzUxMC1VRjZXRVVSSS1JUTJM

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0OTcxMzUxMC1VRjZXRVVSSS1JUTJM
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.20.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
https://ids.ad.gt/api/v1/ppnt_match?uid=6uJ9TL0tq39N&ev=1&pid=562316&id=AU1D-0100-001649713510-UF6WEURI-IQ2L

43 B
381 B

257ms
257ms

Image
image/gif

44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=6uJ9TL0tq39N&ev=1&pid=562316&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:09 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://ids.ad.gt/api/v1/ppnt_match?uid=6uJ9TL0tq39N&ev=1&pid=562316&id=AU1D-0100-001649713510-UF6WEURI-IQ2L
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84dd458cf8-nlt5n
expires: -1

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
231 B 85ms
40ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 25
pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 varnish
server: nginx
x-timer: S1649713509.936268,VS0,VE25
x-served-by: cache-mxp6953-MXP
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
214 B 32ms
7ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001649713510-UF6WEURI-IQ2L&gdpr=0
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

202

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001649713510-UF6WEURI-IQ2L%26unruly_id%3D%5BRX_UUID%5D&cb=1649713508977
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&unruly_id=OPTOUT

43 B
382 B

163ms
162ms

Image
image/gif

44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&unruly_id=OPTOUT
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:11 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&unruly_id=OPTOUT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
18 KB 33ms
32ms Stylesheet
text/css 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 07:06:30 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: "620367f6-465a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 18010
x-amz-cf-id: QKbc5hCZRux7VPZ9qLsHsqRlmKCxESS_I6mjTA768Gbh6fZX-FpfWw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame AB4C 134 KB
36 KB 12ms
12ms Script
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31325F30307D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A5549433867556C5243615842324E694176494445674C794276626D7835566A593D7D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A20%3A3c00%3A1012%3A17fe%3A2662%3A5f46&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6254a1640263d&debugInfo=16749991_ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: .7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 286
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0WDPA8TSHZX5HJ6FS7B2
date: Mon, 11 Apr 2022 21:40:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oQZAFpjRlpvH8wAMkpu1DrUARnNfi_Db6KlWZjVUUeTepEH2ym47fw==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
933 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 20:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 21:45:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 21:45:08 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F6D4 15 KB
6 KB 82ms
16ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=33844
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 21:45:09 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 12 Apr 2022 07:09:13 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame D79C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=94&advUuid=a85ecac0-b9e0-11ec-ac43-13ae17dc0506

0
332 B

34ms
34ms

Document
text/html

2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=94&advUuid=a85ecac0-b9e0-11ec-ac43-13ae17dc0506
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-store
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 21:45:08 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: wqGnYu6hkK7EpDvFfoPYB78UyhP65sW1lu9eYn8dygjGObe5KkNcAQ==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 11 Apr 2022 21:45:09 GMT
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=94&advUuid=a85ecac0-b9e0-11ec-ac43-13ae17dc0506
Server: nginx
X-fe: 91

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 0A7B 43 B
305 B 42ms
22ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Mon, 11 Apr 2022 21:45:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 04CE 2 KB
1 KB 168ms
18ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2b66247da7613add904f309f31bc20655e84437d3135f414bfbcc3b85817b33e

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.androidpolice.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 893
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AB4C 45 KB
6 KB 36ms
35ms XHR
application/json 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2E3MDUmZwx3MmUjOTI2MmMkLz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDA0JaZcZF9wo250ZW50X2Ryp2M9R2FfYXu5K1MlMCgQoHVmJTNBKmIeoW9hqGumK2kuqGVlJaZcZF9wo250ZW50X3RcqGkyPUquoGF4rSgTMwAeUGk1plUmQSflK21ioaRbplgfYXRypvZ2nWRsY29hqGVhqF9xqXJuqGyiow00NTIzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK1JUQzyjqwYeJTJGKmEeJTJGK29hoHyWNvZ4PTYjMCZ5PTMmOCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phYW5xpz9cZHBioGywZS5wo20yMxZbYWNeZXJmLXZfYl1gYWk3YXJyJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmQlRDMkMmI1RwMjMmA3RDqCNmMmMTM2MmpmNDM5MmxmOTMkN0Q3QwQmMmUmNmqEN0I1MmU5NTt0MTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTMmNwQmMmYmNmU1OTU3MmU2QwYmNxQmOTpjNUE0ODQlNmY2MwQ3NxM2QTVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTU2QmUlNDM2MTU4NDImMwRFNwx0MTp2NDx0NDQ1Nwp0Qmp5NDI3NwYlNxQ3ODM1NTY2QTU5M0Q3RDqCNEMmMTMkMmQmMmMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2MjMCUmQTEjMTIyM0EkN2ZyJTNBMwY2MvUmQTVzNDYzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI1NGEkNwQjMwYmZCZwYaVmqGVlPTE2NDx3MTM1MTAmNTpzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31325F30307D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A5549433867556C5243615842324E694176494445674C794276626D7835566A593D7D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A20%3A3c00%3A1012%3A17fe%3A2662%3A5f46&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6254a1640263d&debugInfo=16749991_ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 080c760d2a4e1c8621dff7b4e4c593d9260086e9e573ce366fa849f5b8087970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 6035
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: 5JRoVHVByQRfKeulKhDdV6czaUF5_VsQlysGeBS3AkxPT3ms9e5I6A==

GET
H2 200 logo_11433.png
video.primis.tech/uploads/video/users/logo/30875/ 1 KB
2 KB 30ms
7ms Image
image/png 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/video/users/logo/30875/logo_11433.png?cbuster=1631179290
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: 2d982a78b1da56ba84ff4f57aad9715cef56b27e56f4ed18f5b831a0f4d7d2e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
via: 1.1 4d2109dc7bb96c2f47ec0ce40f98fe16.cloudfront.net (CloudFront)
last-modified: Thu, 09 Sep 2021 09:21:30 GMT
server: Tengine
x-amz-cf-pop: BRU50-C1
etag: "8aa2d39c821a27affdb7f7a98e4b58a2"
content-type: image/png
access-control-allow-origin: *
expires: Mon, 25 Apr 2022 21:45:09 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1239
x-amz-cf-id: WYOT5UrODk0X68BULrnV3qh9kluLQbxNJ_NRM_BpVn7KIbaxaBcp6A==
x-proxy-cache: HIT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
354 B 36ms
35ms Image
text/html 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0OTpkMmUjOCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NTAjJaN0YT0jJat9NwAjJax9MmM4JaZcZF9jYXNmRG9gYWyhPXq3ql5uozRlo2yxpG9fnWNyLzNioSZmqWJJZD1upC1lZWpgo3JaX3q3ql5uozRlo2yxpG9fnWNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMFJUQzyjqwYyMwAyMxYyMwAkJTIjJTJGJTIjo25frVY2JzymQXBjPTAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNDJEMmEmMwVGMmAmMDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmNTM3N0Q3QwUmNTx1ODQkNmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5MmM2NDMmNwM3NTU5NTpmNTZCNwM2RDM5NmA1QTQ4NDI3NwYlNDp2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp1NTZDNTI0MmYkNTt0MwMlNEU2OTQkNmY0OTQ0NDU2NmRDNmx0Mwp2NwI2RDp4MmU1NwZBNTxmRDqEN0I0QmMkMmEmNDMmMmM3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2MjMCUmQTEjMTIyM0EkN2ZyJTNBMwY2MvUmQTVzNDYzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTAjLwAhNDt5Nv43NSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwI1NGEkNwQjMwYmZCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwQ5NmEmNTEjMmMmJaVcZD1TZWgcozRiU1BfYXyypwYlNTRuMTY0MmJxNTAzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LzFhZHJinWRjo2kcY2UhY29gJTJGnGFwn2Vlpl12oGMgoWFfq2FlZSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=UTF-8
x-amz-cf-id: 1tVsSdD4aMG8bqZZk7tYix2p-Bi99aoH-D4Rudjgb9gKI3ZVpUWAhg==

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame AB4C 43 B
220 B 32ms
9ms Image
image/gif 18.194.211.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.211.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-211-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AB4C
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=93&advUuid=56ef3d78-d1ee-4c99-9879-81b67e91cf8d

0
331 B

17ms
16ms

Image
text/html

2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=93&advUuid=56ef3d78-d1ee-4c99-9879-81b67e91cf8d
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: WUWG_iZPN384AdLuYC7n6bZ2gld3Noex8dtM8H9l_07VEc66zJYcsA==

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=93&advUuid=56ef3d78-d1ee-4c99-9879-81b67e91cf8d
date: Mon, 11 Apr 2022 21:45:09 GMT
server: _
content-length: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AB4C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=99&advUuid=YlShZUalbMAnFbULSDv0jAAABIYAAAIB

0
333 B

18ms
17ms

Image
text/html

2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=99&advUuid=YlShZUalbMAnFbULSDv0jAAABIYAAAIB
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: yJWRWxOLYyG2RCQnNeb-pAlAUH6juKC6pHcI_aFEnX2jB4HqJFbq4Q==

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=99&advUuid=YlShZUalbMAnFbULSDv0jAAABIYAAAIB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Expires: Mon, 11 Apr 2022 21:45:09 GMT

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AB4C
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1398871617316...

0
333 B

18ms
17ms

Image
text/html

2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1398871617316515942189&advId=121&advUuid=1398871617316515942189
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: ULkUp_VIqelGsOTVJ3Ll4qVgLc4uRyybVulc_0sXrfjNZLAPhjCKFA==

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D1398871617316515942189&advId=121&advUuid=1398871617316515942189
date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame AB4C 0
239 B 38ms
10ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame AB4C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=105&advUuid=3830264896767608717

0
333 B

17ms
17ms

Image
text/html

2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=105&advUuid=3830264896767608717
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA6-C1
content-type: text/html; charset=utf-8
x-amz-cf-id: 3rOADtZU_PpHoNVuHHDdwPwyVzlGXH3rfkoWgdosk0SrptCNyvNHWA==

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:09 GMT
X-Proxy-Origin: 217.64.151.7; 217.64.151.7; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f0ec6bfb-5bf6-4168-8825-8989039c293d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6254a1640263d&pixel=&advId=105&advUuid=3830264896767608717
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vid6135ca7053f97350926331.jpg
video.primis.tech/uploads/cn7/video/users/converted/30875/video_6135c3ae46289537299997/ 13 KB
14 KB 11ms
6ms Image
image/jpeg 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn7/video/users/converted/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.jpg?cbuster=1630915188
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: 2a8dc5e7973e37d9fdb55a0208d2c7c2c676acecc673152f17b06bffb4d53c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 08:01:05 GMT
server: Tengine
x-amz-cf-pop: FRA60-P3
etag: "d10e4f51cb559672ef45c0639b3d134c"
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 25 Apr 2022 21:45:09 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 13660
x-amz-cf-id: dwznV43HOOJKbcP14BPeXsAmJmk_lv-l43tgX8oUsr6iuN7YQ0iVGA==
x-proxy-cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6275685-2&cid=1417938177.1649713510&jid=1940149120&gjid=147534196&_gid=1176036198.1649713510&_u=KADAAEAAEAQCAC~&z=1979302940

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Apr 2022 21:45:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AB4C 135 KB
13 KB 60ms
55ms XHR
application/json 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2E3MDUmZwx3MmUjOTI2MmMkLz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDA0JaZcZF9wo250ZW50X2Ryp2M9R2FfYXu5K1MlMCgQoHVmJTNBKmIeoW9hqGumK2kuqGVlJaZcZF9wo250ZW50X3RcqGkyPUquoGF4rSgTMwAeUGk1plUmQSflK21ioaRbplgfYXRypvZ2nWRsY29hqGVhqF9xqXJuqGyiow00NTIzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK1JUQzyjqwYeJTJGKmEeJTJGK29hoHyWNvZ4PTUjMCZ5PTI4MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phYW5xpz9cZHBioGywZS5wo20yMxZbYWNeZXJmLXZfYl1gYWk3YXJyJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmQlRDMkMmI1RwMjMmA3RDqCNmMmMTM2MmpmNDM5MmxmOTMkN0Q3QwQmMmUmNmqEN0I1MmU5NTt0MTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTMmNwQmMmYmNmU1OTU3MmU2QwYmNxQmOTpjNUE0ODQlNmY2MwQ3NxM2QTVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTU2QmUlNDM2MTU4NDImMwRFNwx0MTp2NDx0NDQ1Nwp0Qmp5NDI3NwYlNxQ3ODM1NTY2QTU5M0Q3RDqCNEMmMTMkMmQmMmMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2MjMCUmQTEjMTIyM0EkN2ZyJTNBMwY2MvUmQTVzNDYzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI1NGEkNwQjMwYmZCZwYaVmqGVlPTE2NDx3MTM1MTAmOTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31325F30307D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A5549433867556C5243615842324E694176494445674C794276626D7835566A593D7D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A20%3A3c00%3A1012%3A17fe%3A2662%3A5f46&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6254a1640263d&debugInfo=16749991_ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c64f94d2ed5ae961d006b486cc47c40d102f6c3d1a70288f9fe715c1e2d1ac8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 13081
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: _1MxgFCoJGrNryXG6FDl1IoWfoULax9WRX9HwUzzKuzZFXUF88ifDg==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AB4C 135 KB
13 KB 83ms
81ms XHR
application/json 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2E3MDUmZwx3MmUjOTI2MmMkLz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDA0JaZcZF9wo250ZW50X2Ryp2M9R2FfYXu5K1MlMCgQoHVmJTNBKmIeoW9hqGumK2kuqGVlJaZcZF9wo250ZW50X3RcqGkyPUquoGF4rSgTMwAeUGk1plUmQSflK21ioaRbplgfYXRypvZ2nWRsY29hqGVhqF9xqXJuqGyiow00NTIzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK1JUQzyjqwYeJTJGKmEeJTJGK29hoHyWNvZ4PTM0MCZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phYW5xpz9cZHBioGywZS5wo20yMxZbYWNeZXJmLXZfYl1gYWk3YXJyJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmQlRDMkMmI1RwMjMmA3RDqCNmMmMTM2MmpmNDM5MmxmOTMkN0Q3QwQmMmUmNmqEN0I1MmU5NTt0MTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTMmNwQmMmYmNmU1OTU3MmU2QwYmNxQmOTpjNUE0ODQlNmY2MwQ3NxM2QTVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTU2QmUlNDM2MTU4NDImMwRFNwx0MTp2NDx0NDQ1Nwp0Qmp5NDI3NwYlNxQ3ODM1NTY2QTU5M0Q3RDqCNEMmMTMkMmQmMmMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2MjMCUmQTEjMTIyM0EkN2ZyJTNBMwY2MvUmQTVzNDYzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI1NGEkNwQjMwYmZCZwYaVmqGVlPTE2NDx3MTM1MTAmOTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31325F30307D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A5549433867556C5243615842324E694176494445674C794276626D7835566A593D7D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A20%3A3c00%3A1012%3A17fe%3A2662%3A5f46&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6254a1640263d&debugInfo=16749991_ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1d4ef5ef85cc4d366e6243cb31efe8b2b5a93c9b0718e6c4bcd616958cd6e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 13079
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: cmb_hS1d9X942hujJhm2NdDqpb1GcYcnvzHKS3qBPjPvcArl4S4TCA==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame AB4C 45 KB
6 KB 54ms
53ms XHR
application/json 2600:9000:2057:ac00:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2E3MDUmZwx3MmUjOTI2MmMkLz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDA0JaZcZF9wo250ZW50X2Ryp2M9R2FfYXu5K1MlMCgQoHVmJTNBKmIeoW9hqGumK2kuqGVlJaZcZF9wo250ZW50X3RcqGkyPUquoGF4rSgTMwAeUGk1plUmQSflK21ioaRbplgfYXRypvZ2nWRsY29hqGVhqF9xqXJuqGyiow00NTIzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK1JUQzyjqwYeJTJGKmEeJTJGK29hoHyWNvZ4PTUjMCZ5PTI4MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phYW5xpz9cZHBioGywZS5wo20yMxZbYWNeZXJmLXZfYl1gYWk3YXJyJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmQlRDMkMmI1RwMjMmA3RDqCNmMmMTM2MmpmNDM5MmxmOTMkN0Q3QwQmMmUmNmqEN0I1MmU5NTt0MTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTMmNwQmMmYmNmU1OTU3MmU2QwYmNxQmOTpjNUE0ODQlNmY2MwQ3NxM2QTVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNmI1MTU1NEE1NTQ5NDMmODY3NTU2QmUlNDM2MTU4NDImMwRFNwx0MTp2NDx0NDQ1Nwp0Qmp5NDI3NwYlNxQ3ODM1NTY2QTU5M0Q3RDqCNEMmMTMkMmQmMmMmN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2MjMCUmQTEjMTIyM0EkN2ZyJTNBMwY2MvUmQTVzNDYzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjMC4jLwQ4OTYhNmUeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwI1NGEkNwQjMwYmZCZwYaVmqGVlPTE2NDx3MTM1MTAmOTEzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31325F30307D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B7251554A5549433867556C5243615842324E694176494445674C794276626D7835566A593D7D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A20%3A3c00%3A1012%3A17fe%3A2662%3A5f46&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6254a1640263d&debugInfo=16749991_ABT+%2F+RTBipv6+%2F+1+%2F+onlyV6&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ac00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c352bcebbe3046083f6ca5d9a31517fd23f5af468cb339b337d336641fda940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:08 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
content-length: 6034
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: e_VBfCl9eYx9HY1hcAsFVePL4saYCqXU0SUNuEh_QSYmiOM4DTrsrg==

GET
H2 200 session.html Show response
events.release.narrativ.com/api/v0/ Frame F476 713 B
1 KB 286ms
98ms Document
text/html 52.7.229.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/session.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-229-166.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

a3b4adf2dda0777c333a1d0c2432189f702da5bdcf6ef0265800de5c2b652a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, max-age=7776000, must-revalidate, proxy-revalidate
content-length: 713
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.20.2
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-bam-build-version: 63c21d9982831d134ab44164cd70784f89423817
x-bam-env: release
x-robots-tag: none

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
88 B 17ms
17ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
370 B 17ms
16ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.androidpolice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:31:44 GMT
x-content-type-options: nosniff
age: 440005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:31:44 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
594 B 50ms
6ms Fetch
application/json 143.204.202.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-34.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:03:39 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
age: 60090
x-amzn-requestid: 32e19975-1e73-4526-af44-2e863b32dea9
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6253b6ab-488c3acb69643bb15cf43b51;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA53-C1
x-amz-apigw-id: QZl6xGDWDoEFklQ=
content-length: 28
x-amz-cf-id: q982scv_6uOqzIYq-CQVBmru0wRFPZQX0_8yp3E1aF_y9tJZegdgPA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 api Show response
ls.skimresources.com/ 2 B
350 B 58ms
45ms XHR
application/json 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.117.120.34.bc.googleusercontent.com

Software

Python/3.8 aiohttp/3.6.3 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.6.3
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 40ms
15ms Preflight
text/plain 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.117.120.34.bc.googleusercontent.com
Software: Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.androidpolice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.androidpolice.com
access-control-max-age: 1728000
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8
date: Mon, 11 Apr 2022 21:45:09 GMT
server: Python/3.8 aiohttp/3.6.3
via: 1.1 google

POST
H2 200 v2emqt7YuggLbrhRo6kjmlsY6DTIpaitqwfBgPoMldXv5eOFaUi1NkdZ0MtoQQdtB93izNhUqTx1kHvwps_ylYA Show response
scarfsmash.com/ 209 B
341 B 22ms
22ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2emqt7YuggLbrhRo6kjmlsY6DTIpaitqwfBgPoMldXv5eOFaUi1NkdZ0MtoQQdtB93izNhUqTx1kHvwps_ylYA

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

db4d48c3e294d7db7e2805ccd3e3fe19d7d0ea2f6400fa7a7381fe35178d21de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Mon, 11 Apr 2022 21:45:09 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Mon, 11 Apr 2022 21:45:08 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 48ms
8ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.androidpolice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.androidpolice.com
access-control-max-age: 600
age: 0
content-length: 0
date: Mon, 11 Apr 2022 21:45:09 GMT
server: ATS/9.1.0.33

POST
H/1.1 204
No Content 318113 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame AB4C 0
1 KB 111ms
26ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/318113?src_sys=prebid
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
X-SpotX-Timing-Transform: 0.000306
X-SpotX-Timing-SpotMarket: 0.003598
X-SpotX-Timing-Page-Mux: 0.000288
X-SpotX-Timing-Page-Require: 0.000315
X-fe: 054
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.011633
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.004090
Last-Modified: Mon, 11 Apr 2022 21:45:09 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003598
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.androidpolice.com
X-SpotX-Timing-Page-Misc: 0.003002
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame AB4C 19 B
471 B 110ms
90ms XHR
application/json 3.124.87.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&tmax=3000&gdpr=true

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.87.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-87-92.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
accept-ch: sec-ch-width,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ect,sec-ch-downlink,sec-ch-rtt,sec-ch-ua-arch,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-viewport-height
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame AB4C 0
198 B 144ms
123ms XHR
text/plain 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:09 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST translator
hbopenbid.pubmatic.com/ Frame AB4C 0
0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame AB4C 173 B
407 B 98ms
8ms XHR
application/json 52.57.177.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.177.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-177-81.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0354523989a6a22810b07ad548141ab44d45273f1d1fc6d38d855e4ed3da6148

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
content-encoding: gzip
x-prebid: pbs-java/1.86.0
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AB4C 6 KB
3 KB 8ms
8ms XHR
application/javascript 65.9.66.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-173.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 64588
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Mon, 11 Apr 2022 03:53:48 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Z6xYD4o_N6GzQN2xEe2F7GLiGlaNCrsLK8tsG_MP9pnS21jBQhIuNw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 48ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6275685-2&cid=1417938177.1649713510&jid=1940149120&_u=KADAAEAAEAQCAC~&z=1626059067

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 46ms
21ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6275685-2&cid=1417938177.1649713510&jid=1940149120&_u=KADAAEAAEAQCAC~&z=1626059067

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
473 B 162ms
161ms Image
image/gif 44.236.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001649713510-UF6WEURI-IQ2L&halo_id=02018hqkt607jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.132.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-132-100.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Tue, 12 Apr 2022 09:45:09 GMT

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame D367 0
397 B 760ms
263ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Mon, 11 Apr 2022 21:45:09 GMT
Etag: 5eaf3c96e7a54dee
Server: VertaMedia 1.0

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 9682 0
397 B 758ms
263ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Mon, 11 Apr 2022 21:45:09 GMT
Etag: 5eaf3c96e7a54dee
Server: VertaMedia 1.0

GET
H2 200 cookie Show response
cm.adform.net/ Frame A3ED 43 B
106 B 68ms
26ms Document
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 8D9F 0
397 B 753ms
265ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Mon, 11 Apr 2022 21:45:09 GMT
Etag: 5eaf3c96e7a54dee
Server: VertaMedia 1.0

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame 91D1 3 KB
2 KB 50ms
6ms Document
text/html 2600:9000:206f:8400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5040
cache-control: max-age=7200
content-encoding: br
content-type: text/html
date: Mon, 11 Apr 2022 20:21:10 GMT
etag: W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified: Thu, 07 Apr 2022 12:21:03 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-id: ZuyJSR79fxCivosZFwz3MXoPK-rXEbjSGIMC2GN4rmT_awf-GvFd_A==
x-amz-cf-pop: FRA56-C1
x-amz-version-id: U.W8ljlyivBpFY6OWTAVDXZLG8GClvad
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 2495
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=MOGMityV0UCAEO88XOL0&pi=admatic&tc=1

0
407 B

684ms
264ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=MOGMityV0UCAEO88XOL0&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Mon, 11 Apr 2022 21:45:09 GMT
Etag: 5eaf3c96e7a54dee
Server: VertaMedia 1.0

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 11 Apr 2022 21:45:09 GMT Mon, 11 Apr 2022 21:45:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=MOGMityV0UCAEO88XOL0&pi=admatic&tc=1
pragma: no-cache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 47F0 15 KB
6 KB 21ms
19ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=33844
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 21:45:09 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 12 Apr 2022 07:09:13 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 04CE 0
397 B 747ms
266ms Image
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: VertaMedia 1.0
Etag: 5eaf3c96e7a54dee
Content-Length: 0

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 04CE 0
397 B 748ms
266ms Image
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: VertaMedia 1.0
Etag: 5eaf3c96e7a54dee
Content-Length: 0

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 04CE 43 B
331 B 792ms
43ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?redir=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: VertaMedia 1.0
Etag: cc5f3c96e7754dee
Content-Length: 43
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F6D4 0
42 B 446ms
19ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12608929&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6254a1640263d%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:08 GMT
content-length: 0

POST
H2 204 collect Show response
j.clarity.ms/ 0
74 B 96ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:08 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
52 B 487ms
160ms Script
text/plain 35.160.251.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=a8e4261f1c76c51d8477c0cb2e4eae33&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&code=%27none%27
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.251.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-251-62.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.20.0

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 11 Apr 2022 22:12:22 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 11 Apr 2022 22:37:16 GMT

POST
H2 200 v2cswFkzxEtoAUPFVmylEASHNuE3swW5p_t4ciolN17N9KyjEH9jMASh3mKwTGLyW7NzNwawpkTfr9PTEvkR4gQ Show response
scarfsmash.com/ 2 KB
776 B 18ms
17ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2cswFkzxEtoAUPFVmylEASHNuE3swW5p_t4ciolN17N9KyjEH9jMASh3mKwTGLyW7NzNwawpkTfr9PTEvkR4gQ

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

d655f4580ee2f1d719b8e8b1b85624eea242583a334f509da8210480cd89f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Mon, 11 Apr 2022 21:45:09 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 735

OPTIONS
H2 200 /
events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/ Frame 0
0 96ms
95ms Preflight
text/html 52.7.229.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/?uid_bam=1771366392888207511

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-229-166.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-credentials,content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.androidpolice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-credentials, content-type, x-requested-with
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.androidpolice.com
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.20.2
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
x-bam-build-version: 63c21d9982831d134ab44164cd70784f89423817
x-bam-env: release
x-robots-tag: none

GET
H2 304 session.gif
events.release.narrativ.com/api/v0/ 0
394 B 97ms
97ms Image 52.7.229.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1771366392888207511&cache_buster=1649713510833

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-229-166.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
x-bam-build-version: 63c21d9982831d134ab44164cd70784f89423817
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.20.2
x-robots-tag: none
x-bam-env: release
strict-transport-security: max-age=63072000; includeSubDomains; preload

POST
H2 201 / Show response
events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/ 2 B
466 B 98ms
98ms XHR
application/json 52.7.229.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/?uid_bam=1771366392888207511

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-229-166.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/hackers-vlc-malware/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-bam-build-version: 63c21d9982831d134ab44164cd70784f89423817
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.20.2
x-bam-env: release
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none
content-length: 2

POST
H/1.1 200
OK / Show response
api.narrativ.com/api/v0/publishers/2412/smart_links/ 190 B
523 B 106ms
105ms XHR
application/json 18.209.251.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/smart_links/

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.251.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-251-242.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

8f4ceae3400cae443d1a36c3f74365515df3c207043eb96253f9ef897d0f7ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/hackers-vlc-malware/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx/1.20.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.androidpolice.com
Connection: keep-alive
X-Robots-Tag: noindex, follow
Content-Length: 190

OPTIONS
H/1.1 200
OK /
api.narrativ.com/api/v0/publishers/2412/smart_links/ Frame 0
0 386ms
95ms Preflight
text/html 18.209.251.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/smart_links/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.251.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-251-242.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-credentials,content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.androidpolice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-credentials, content-type, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://www.androidpolice.com
Access-Control-Max-Age: 86400
Allow: OPTIONS, POST
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Origin
X-Robots-Tag: noindex, follow

GET
H2 200 segments Show response
seg.ad.gt/api/v1/ 16 B
193 B 483ms
167ms XHR
text/html 34.209.98.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.androidpolice.com%252Fhackers-vlc-malware%252F&partner_id=269&tagger_id=a8e4261f1c76c51d8477c0cb2e4eae33&au_id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269?au_id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.98.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-98-169.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e48fde2cb2231b5015dde8184889cd767b3ca8d1d95dc28fb3b56803ebba0a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:09 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
content-length: 16
vary: Origin
content-type: text/html; charset=utf-8

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
107 B 486ms
171ms XHR
text/plain 54.71.86.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269?au_id=AU1D-0100-001649713510-UF6WEURI-IQ2L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.86.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-86-183.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:09 GMT
server: nginx/1.18.0
vary: Origin

GET
H2

200

uu Show response
ih.adscale.de/ Frame 91D1
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1649713510
https://ih.adscale.de/uu?cbfn=receive&t=1649713510&nut&uu=471124476dd4488dba62d58d410661f7

44 B
214 B

8ms
7ms

Script
text/javascript

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1649713510&nut&uu=471124476dd4488dba62d58d410661f7
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0620b5470d6197fe8eca3d308344e72022c02a26d6b5b60ada5ee9a666ca1031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1649713510&nut&uu=471124476dd4488dba62d58d410661f7
date: Mon, 11 Apr 2022 21:45:09 GMT
content-length: 0

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame 91D1 11 KB
4 KB 6ms
6ms Script
application/javascript 2600:9000:206f:8400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: _Q6rwkwUQlCiFamMY0pH4oTygT9AFWAC
content-encoding: br
last-modified: Thu, 07 Apr 2022 12:21:03 GMT
server: AmazonS3
age: 5039
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Mon, 11 Apr 2022 20:21:11 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6jP8YBAWrmy9gHyNFQt7UT5rciamn5biAWdSIz3rL5IHxxbWRf1pYg==

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 91D1 0
419 B 882ms
264ms Image
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=471124476dd4488dba62d58d410661f7
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: VertaMedia 1.0
Etag: 41bc5d6c4d28a63c
Content-Length: 0

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame 91D1 149 B
224 B 10ms
10ms Script
application/javascript 3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1649713510958&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 862D 3 KB
3 KB 8ms
8ms Document
text/html 3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3ebd48eeaa509b91a335155dc3652935661e8dfa070da5c09848dd87d2f2f221

Request headers

Referer: https://js.adscale.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2604
content-type: text/html;charset=ISO-8859-1
date: Mon, 11 Apr 2022 21:45:09 GMT

GET
H2 200 ConsentManager,Sticky2 Show response
scarfsmash.com/v2vhdp8Bk583QkuKVGrgdXV1E3Wq-5mUiugVKe9GWEuJrZUV52Jlh3nzJ-paONrakf_Cw0eSUamPswvvpHjKq/ 276 KB
80 KB 24ms
24ms Script
text/javascript 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2vhdp8Bk583QkuKVGrgdXV1E3Wq-5mUiugVKe9GWEuJrZUV52Jlh3nzJ-paONrakf_Cw0eSUamPswvvpHjKq/ConsentManager,Sticky2

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

b18421f791ed55b57d1332aa82f9a2707aad4d4bc51ca2e4bf5b15da88f014c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Origin: https://www.androidpolice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "ec918f295e87a0fe1f1e0d75ca928ad76ebb8fc7f82c4130ebd777933c46e15f"
vary: Accept-Encoding, Accept-Language, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Mon, 11 Apr 2022 21:45:09 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 862D 4 KB
2 KB 6ms
6ms Script
application/javascript 2600:9000:206f:8400:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: yX5N1AGjXunyaabxQkZBLVmftUL.tExa
content-encoding: br
last-modified: Thu, 07 Apr 2022 12:21:03 GMT
server: AmazonS3
age: 5039
etag: W/"ff7cce9128150bd82f1a709c03692e3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Mon, 11 Apr 2022 20:21:11 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: SNVDsKLT_avhCHqjgCFHsnONSihk5Gie9qM6u0VppnPfzi15TPtajg==

GET
H2

200

img
ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/ Frame 862D
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=471124476dd4488dba62d58d410661f7&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=101&tpuid=BBID-01-03244275096888590-16574040

49 B
466 B

9ms
9ms

Image
image/gif

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=101&tpuid=BBID-01-03244275096888590-16574040
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=101&tpuid=BBID-01-03244275096888590-16574040
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
653 B 29ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 20:10:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 21:45:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 21:45:09 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 290ms
290ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:09 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.androidpolice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 18:06:53 GMT
x-content-type-options: nosniff
age: 445096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 18:06:53 GMT

GET
H2 200 MTUsMjA3MGNhNTc5NGIw
images.getadmiral.com/ 763 B
1 KB 102ms
55ms Image
image/png 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MTUsMjA3MGNhNTc5NGIw

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-buildnumber: 456232094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 763
server: cloudflare
x-datacenter: gce-europe-west1
etag: "2c607cb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPvm0%2BZpVGRV9joJXhPmP3Q9FgLOgpX1otbuCgcwFnpZHNVzbTZNrA66qV9os6SyyMCu7fNUB0bYTnR6J0chfeb8khIjYFfJu1BNw0AyzyLarozaAjQFRC9xtQ0Asj8idZiXqBwUSWhdUXefS6dmAR7KwCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=300
x-hostname: button
cf-ray: 6fa6e85c896959fb-MXP

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 862D
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=d557dd87ffcd2ff46aba654ab...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlShZUalbMAnFbULSDv0jAAA%261158

49 B
559 B

12ms
12ms

Image
image/gif

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlShZUalbMAnFbULSDv0jAAA%261158
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:09 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YlShZUalbMAnFbULSDv0jAAA%261158
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 310
Expires: Mon, 11 Apr 2022 21:45:09 GMT

GET

img
ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/ Frame 862D
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=9473e0ef8713540d69778b9ae66726bea6d20d007c16466d0a6f911560401721&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d1...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=9473e0ef8713540d69778b9ae66726bea6d20d007c16466d0a6f911560401721&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9...
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=42&gdpr=0&tpuid=7664849246464647927

0
0

POST
H2 200 v2emqt7YuggLbrhRo6kjmlsY6DTIpaitqwfBgPoMldXv5eOFaUi1NkdZ0MtoQQdtB93izNhUqTx1kHvwps_ylYA Show response
scarfsmash.com/ 254 B
292 B 35ms
33ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2emqt7YuggLbrhRo6kjmlsY6DTIpaitqwfBgPoMldXv5eOFaUi1NkdZ0MtoQQdtB93izNhUqTx1kHvwps_ylYA

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

c14d02462fa3ebcb2d1592ea7e41fc00ec069d4d1ee8f7108e3ed5e1828789f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Mon, 11 Apr 2022 21:45:09 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-3rjd
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 505852149
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 254
expires: Mon, 11 Apr 2022 21:45:08 GMT

POST
H2 200 visit Show response
app.convertkit.com/forms/1275831/ 7 B
640 B 175ms
175ms Fetch
application/json 2606:4700::6812:ba39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertkit.com/forms/1275831/visit

Requested by

Host: f.convertkit.com
URL: https://f.convertkit.com/ckjs/ck.5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba39 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Apr 2022 21:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: e70de923-60f6-40d3-870e-f4b711795af9
x-runtime: 0.009498
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"aee408847d35e44e99430f0979c3357b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
cf-ray: 6fa6e860b99783b2-MXP

OPTIONS
H2 200 visit
app.convertkit.com/forms/1275831/ Frame 0
0 217ms
159ms Preflight 2606:4700::6812:ba39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertkit.com/forms/1275831/visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ba39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.androidpolice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 6fa6e85fbf1583b2-MXP
date: Mon, 11 Apr 2022 21:45:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 862D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4be83004-97ab-4dec-9333-7652f8fdc60e&gdpr=0

49 B
581 B

16ms
16ms

Image
image/gif

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4be83004-97ab-4dec-9333-7652f8fdc60e&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:10 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:10 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=4be83004-97ab-4dec-9333-7652f8fdc60e&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1397942
content-length: 0
expires: Mon, 11 Apr 2022 00:00:00 GMT

GET

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 862D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=fc3742c302f2b7db6059b31f...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=

0
0

GET
H2 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 3 KB
3 KB 23ms
9ms XHR
application/vnd.apple.mpegurl 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: 29a0e976549a639335ce33ead598dbade6a5f2d479edd35d4794a8edae0e3f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 d34a6ddcccee7396488ec5eb47b67a4a.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 2621
last-modified: Mon, 06 Sep 2021 08:02:57 GMT
server: Tengine
etag: "11ecb09cda31659076d9145e45fdbf87"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: ME2hsRflZprOqHZIw-ksN03KdM-b4ru49xAtzlxiPogt_RR4AG4jtQ==
expires: Mon, 25 Apr 2022 21:45:11 GMT

GET
H2 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 240 KB
241 KB 14ms
14ms XHR
video/mp2t 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: 884582d4b6370eb776a511ac94861a1cc45393e41f23710d2474ca76fa2c2b67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-length: 246092
last-modified: Mon, 06 Sep 2021 08:02:58 GMT
server: Tengine
etag: "34d213439af96111126834f2666056f6"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: TRlE8-dduxsUSEye_SdXPOKJ4p1L2gFAhYQnl-p2X6pzVKsmnorwSg==
expires: Mon, 25 Apr 2022 21:45:11 GMT

GET
BLOB 200
OK ec586423-0ef6-4237-bbe6-03d6b6f63146
https://www.androidpolice.com/ 67 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.androidpolice.com/ec586423-0ef6-4237-bbe6-03d6b6f63146
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 68465
Content-Type: text/javascript

GET
H2 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 324 KB
325 KB 17ms
17ms XHR
video/mp2t 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: 9ee624c0a3c67e5f8a400b3208c6a790098f7b147d1486fcb45320cda3bf1242

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 753b5d9899259f7b8bd50e1338255e42.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 332008
last-modified: Mon, 06 Sep 2021 08:02:58 GMT
server: Tengine
etag: "3e5630f38811141a3deba65af4ad54cc"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: SkcuqOL0XNE7cYJl7cQLaG1piJfgk16mV6xdO_Ynp3fkuPIRExCkOw==
expires: Mon, 25 Apr 2022 21:45:11 GMT

GET
H2 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 356 KB
356 KB 9ms
9ms XHR
video/mp2t 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: af3586471cfc537f882544072145fcd3503f72335cd674c56cc7bd2a57c33d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 53fbaa26b3bfb2e5e28a55b0d420ee14.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 364156
last-modified: Mon, 06 Sep 2021 08:02:58 GMT
server: Tengine
etag: "052a6808c11eb7b23e665b448f1a93f8"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: eUd_zJgrJGGndjxtpciDattS5f_gEGP_8EU6Cr8okpED5-o7vCAkfw==
expires: Mon, 25 Apr 2022 21:45:11 GMT

GET
H2 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 315 KB
316 KB 10ms
9ms XHR
video/mp2t 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: 6e93d1b859f23d7f47d5dcf4f74fd35c7ff0fa39c68c2a08e6319ddb94f6925c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 2b6f385212d54f32d2c4991db852b20e.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 322984
last-modified: Mon, 06 Sep 2021 08:02:58 GMT
server: Tengine
etag: "c386a4a6e59ee5c8170efc6c565585c6"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: PnYa7simD7bqNI-klqPPt3pKyoA8fmO9U7cAi2xFRuI-hj8xjYocBQ==
expires: Mon, 25 Apr 2022 21:45:11 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 357 KB
358 KB 8ms
8ms XHR
video/mp2t 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: fca6b070b821816ad70c9922f8a4cb64b93d7206d96bd777fc63dd3f46169a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 e279a0a92436000a16e18086b0298532.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 366036
last-modified: Mon, 06 Sep 2021 08:02:58 GMT
server: Tengine
etag: "f1631596b62610f6a62fe38eb29fe708"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: NOY3KTWMNWRS3Diph19GKF8fMUT0C0H7dBQK6XXXIlwHUa3ulukAfg==
expires: Mon, 25 Apr 2022 21:45:11 GMT

GET
H2 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/ 307 KB
308 KB 9ms
9ms XHR
video/mp2t 83.229.84.43
CLOUDWEBMANAGE-IL-FR

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135ca7053f97350926331.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 83.229.84.43 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software: Tengine /
Resource Hash: a67018822be9ae8cc6ed10d4ff70b63c65b4d635eb50f70a3047ca49292b89c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.androidpolice.com/hackers-vlc-malware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
via: 1.1 69154db4091f3dbde5ecf072840fdce0.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 314148
last-modified: Mon, 06 Sep 2021 08:02:58 GMT
server: Tengine
etag: "55c06db9985b158c1c96c14170f51bf5"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: twfRgco89txezD6e2DbJz4wpW3MNPvFAJRSTg7wfiBTl5xDgNITPtw==
expires: Mon, 25 Apr 2022 21:45:11 GMT

GET
H2

200

img
ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/ Frame 862D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=ceaf9d276c63bcd1e20052d6aab212864ff48e0663f7c91862a3577b87c2e545&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14c...
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?uid=ceaf9d276c63bcd1e20052d6aab212864ff48e0663f7c91862a3577b87c2e545&tpid=38&gdpr=0&tpuid=CAESEAxtaCaiFepxXTR8SFHOLc8...

49 B
598 B

8ms
8ms

Image
image/gif

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?uid=ceaf9d276c63bcd1e20052d6aab212864ff48e0663f7c91862a3577b87c2e545&tpid=38&gdpr=0&tpuid=CAESEAxtaCaiFepxXTR8SFHOLc8&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?uid=ceaf9d276c63bcd1e20052d6aab212864ff48e0663f7c91862a3577b87c2e545&tpid=38&gdpr=0&tpuid=CAESEAxtaCaiFepxXTR8SFHOLc8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 424
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/ Frame 862D
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4bbf9041d10a53915b16%2F1649713509591%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=75&tpuid=3830264896767608717&gdpr=0

49 B
608 B

10ms
9ms

Image
image/gif

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=75&tpuid=3830264896767608717&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:12 GMT
X-Proxy-Origin: 217.64.151.7; 217.64.151.7; 880.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f219d0c3-afc2-48c3-bf18-4f8cfcb58a84
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=75&tpuid=3830264896767608717&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/ Frame 862D
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=468c5d976102c0d65f4930cb7eea4b09d8d9951cf03a836d54906c9b3380607f&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4b...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=468c5d976102c0d65f4930cb7eea4b09d8d9951cf03a836d54906c9b3380607f&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F14cfacc9f80e4b...
https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/js?tpid=48&tpuid=4c1282cb6039858166f45ece591b3909

44 B
554 B

10ms
9ms

Script
text/javascript

3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/js?tpid=48&tpuid=4c1282cb6039858166f45ece591b3909
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: eb9c336e75dec080ef0627aaca14525db3f84bbd94be053f63b474b1a102910c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Date: Mon, 11 Apr 2022 21:45:12 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/js?tpid=48&tpuid=4c1282cb6039858166f45ece591b3909
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 147

POST
H2 200 sium
ih.adscale.de/ Frame 862D 0
0 17ms
17ms Fetch
application/json 3.127.195.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.195.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-195-44.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Mon, 11 Apr 2022 21:45:12 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 47F0 2 KB
3 KB 19ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21670661&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3717387e3630f57e40a6c09a720cadf34e2963686caf83debfc57b881ca38fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:10 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 6B48 35 B
469 B 81ms
19ms Document
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=55E95DC9-9D85-42AE-85D5-50AA354A59DB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 11 Apr 2022 21:45:12 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A8D6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=

42 B
496 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Apr 2022 14:27:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug0027:0:390

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 11 Apr 2022 21:45:12 GMT
Expires: Mon, 11 Apr 2022 21:45:11 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4335 2c68c00 master ord-pixel-x34 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E1A9
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6579280529943216144

42 B
210 B

19ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6579280529943216144
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Apr 2022 21:45:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug022:0:603

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6579280529943216144
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 485F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
342 B

47ms
12ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Apr 2022 14:22:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug0021:0:291

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 11 Apr 2022 21:45:11 GMT
expires: Mon, 11 Apr 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1774384
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame D6D9 0
429 B 264ms
263ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307406&extuid=${UID}55E95DC9-9D85-42AE-85D5-50AA354A59DB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Date: Mon, 11 Apr 2022 21:45:11 GMT
Etag: 41bc5d6c4d28a63c
Server: VertaMedia 1.0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 47F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VeldyZ2FQq6F1VCqNUpZ2w%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

15ms
15ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=33841
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Tue, 12 Apr 2022 07:09:13 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c9296254-a167-4e00-9aa9-23c7f63c2156

0
260 B

153ms
14ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c9296254-a167-4e00-9aa9-23c7f63c2156
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 11 Apr 2022 21:45:12 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c9296254-a167-4e00-9aa9-23c7f63c2156
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 11 Apr 2022 21:45:11 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 47F0
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=55E95DC9-9D85-42AE-85D5-50AA354A59DB
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=352ceb93d548178d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=352ceb93d548178d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=bc13dcc5f112ad6f592a4c30ae9cfcd8&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=e0f06328-7540-4457-a8f4-8475c932f669&icm
https://spl.zeotap.com/?zdid=1332&zcluid=352ceb93d548178d
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=39d0c5a9-9b85-4bf5-7e12-6d86104992f0&reqId=eaa33123-ffc7-41e1-69d8-b55e35429f96&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESELfP08LgdYE-ysEQ5OX10Lw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=39d0c5a9-9b85-4bf5-7e12-6d86104992f0&reqId=eaa33123-ffc7-41e1-69d8-b55...

95 B
164 B

74ms
57ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESELfP08LgdYE-ysEQ5OX10Lw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=39d0c5a9-9b85-4bf5-7e12-6d86104992f0&reqId=eaa33123-ffc7-41e1-69d8-b55e35429f96&zcluid=352ceb93d548178d&zdid=1332
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6fa6e872cdaff923-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESELfP08LgdYE-ysEQ5OX10Lw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=39d0c5a9-9b85-4bf5-7e12-6d86104992f0&reqId=eaa33123-ffc7-41e1-69d8-b55e35429f96&zcluid=352ceb93d548178d&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVFOTVEQzktOUQ4NS00MkFFLTg1RDUtNTBBQTM1NEE1OURC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
210 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug024:0:493
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGPQFYTFRdidO9ZawW0Yhvo&google_cver=1

42 B
362 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGPQFYTFRdidO9ZawW0Yhvo&google_cver=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug025:0:415
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGPQFYTFRdidO9ZawW0Yhvo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 47F0 43 B
610 B 67ms
19ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Apr 2022 21:45:12 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7664849246464647927

42 B
234 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7664849246464647927
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:484
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7664849246464647927
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0f06328-7540-4457-a8f4-8475c932f669

42 B
450 B

29ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0f06328-7540-4457-a8f4-8475c932f669
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:11 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:832
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e0f06328-7540-4457-a8f4-8475c932f669
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3830264896767608717&gdpr=0&gdpr_consent=

42 B
233 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3830264896767608717&gdpr=0&gdpr_consent=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:525
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:12 GMT
X-Proxy-Origin: 217.64.151.7; 217.64.151.7; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 70f198c7-0637-4773-a309-a67298e2f9b5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3830264896767608717&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 47F0
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh

42 B
306 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:411
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E02A 281 B
554 B 63ms
14ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Apr 2022 21:45:13 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D62D 1 KB
1 KB 9ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: c631e4d102656a3a7198c082ed19a6357337fecc6098f4bd180263b39dd24ea2

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 461
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 21:45:13 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E2C9 15 KB
6 KB 19ms
13ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=33840
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 21:45:13 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 12 Apr 2022 07:09:13 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D62D 70 B
264 B 31ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D62D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D

170 B
188 B

25ms
22ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D
date: Mon, 11 Apr 2022 21:45:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D62D 170 B
188 B 21ms
17ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D62D
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM5ODg3MTYxNzMxNjUxNTk0MjE4OQ%3D%3D
date: Mon, 11 Apr 2022 21:45:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame D62D 0
707 B 228ms
192ms Image
text/plain 2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1398871617316515942189&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:12 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 401EDD0E342A452BB4DD0AAD30DA08F6 Ref B: FRAEDGE1112 Ref C: 2022-04-11T21:45:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXcZ9vzXiBN1PPuxjSxZA==

GET
H2

200

xuid
eb2.3lift.com/ Frame D62D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1398871617316515942189?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-B6ZWa2dE2oSCa1kiHseOluour8y3hlRNEVo3OI9ezQ--~A&dongle=0883

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-B6ZWa2dE2oSCa1kiHseOluour8y3hlRNEVo3OI9ezQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Mon, 11 Apr 2022 21:45:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-B6ZWa2dE2oSCa1kiHseOluour8y3hlRNEVo3OI9ezQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame D62D 43 B
220 B 13ms
7ms Image
image/gif 18.194.211.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=1398871617316515942189&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.211.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-211-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame D62D 42 B
594 B 65ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=1398871617316515942189&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:12 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4E518285D63741AC9277324DB5DF1399 Ref B: FRAEDGE1519 Ref C: 2022-04-11T21:45:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame D62D
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1398871617316515942189
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1398871617316515942189&dcc=t

0
0

99ms
99ms

Image
text/html

52.46.154.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1398871617316515942189&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: HTTP/1.1
Server: 52.46.154.242 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:13 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JJB0HMAX6CN62P28ABTX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1398871617316515942189&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame D62D
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

7ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Mon, 11 Apr 2022 21:45:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E02A 32 KB
10 KB 18ms
15ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 21:45:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14789
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Tue, 12 Apr 2022 01:51:42 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E02A 284 B
536 B 13ms
12ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6Y5Q4PR4RC&gtm=2oe460&_p=1900887258&sr=1600x1200&_z=ccd.MCB&ul=en-us&cid=1417938177.1649713510&dl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&dt=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&sid=1649713509&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Apr 2022 21:45:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 47F0 0
260 B 76ms
19ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 21:45:13 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/hackers-vlc-malware/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Mon, 11 Apr 2022 21:45:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ih.adscale.de
URL: https://ih.adscale.de/sium/14cfacc9f80e4bbf9041d10a53915b16/1649713509591/0/img?tpid=42&gdpr=0&tpuid=7664849246464647927

Domain: ih.adscale.de
URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=c9296254-a167-4e00-9aa9-23c7f63c2156&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

111 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 04:24:49	Name: sync Value: CgoIoQEQm4ba1IEwCgoIgQIQm4ba1IEwCgoI4gEQm4ba1IEwCgoI5gEQm4ba1IEwCgoIhwIQm4ba1IEwCgkICRCbhtrUgTAKCQg6EJuG2tSBMAoJCAsQm4ba1IEwCgoIjAIQm4ba1IEwCgkIXxCbhtrUgTA=
www.androidpolice.com/	1969-12-31 23:59:59	Name: viewType Value: direct
.convertkit.com/	1970-01-20 02:15:15	Name: __cf_bm Value: xJemAyhCffFvwjOULvN_lVbriuFKXphOMA1k.2RJ1F8-1649713507-0-AcUERl/LTqDa0Q82qqy0UPLkLD6i7H41LmvY6sq1BME7LMU/nX43bvttYnM6zZm2LYpcjWiOX1h/nIZZgJVa1l6YLFd0HEO4W5SEwtGza7Os
.androidpolice.com/	1970-01-20 02:15:15	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.androidpolice.com/hackers-vlc-malware/%22%2C%22sref%22:%22%22%2C%22sts%22:1649713509617%2C%22slts%22:0}
.androidpolice.com/	1970-01-20 11:44:37	Name: _parsely_visitor Value: {%22id%22:%22pid=989a8ef4f0e83bbb604b6f74dcc7ded2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1649713509617}
www.clarity.ms/	1970-01-20 11:00:49	Name: CLID Value: fa48a27239284b6ab7117b594e105db6.20220411.20230411
.ad.gt/	1970-01-20 02:16:39	Name: au_idmatch Value: eyJhcG4iOiAxNjQ5NzEzNTA4MzE4LCAidHRkIjogMTY0OTcxMzUwODMxOCwgInB1YiI6IDE2NDk3MTM1MDgzMTgsICJhZHgiOiAxNjQ5NzEzNTA4MzE4LCAiaGFsbyI6IDE2NDk3MTM1MDgzMTgsICJnb28iOiAxNjQ5NzEzNTA4MzE4LCAicHBudCI6IDE2NDk3MTM1MDgzMTgsICJ0YWJvb2xhIjogMTY0OTcxMzUwODMxOCwgInJ1YiI6IDE2NDk3MTM1MDgzMTgsICJ1bnJ1bHkiOiAxNjQ5NzEzNTA4MzE4LCAiYmVlcyI6IDE2NDk3MTM1MDgzMTgsICJpbXByIjogMTY0OTcxMzUwODMxOCwgIm1lZGlhbWF0aCI6IDE2NDk3MTM1MDgzMTgsICJzbWFydCI6IDE2NDk3MTM1MDgzMTgsICJzb24iOiAxNjQ5NzEzNTA4MzE4LCAiYWRvIjogMTY0OTcxMzUwODMxOCwgIm9wZW54IjogMTY0OTcxMzUwODMxOH0=
.androidpolice.com/	1970-01-20 19:46:25	Name: _ga_6Y5Q4PR4RC Value: GS1.1.1649713509.1.0.1649713509.0
.androidpolice.com/	1970-01-20 02:15:17	Name: AMP_TOKEN Value: %24NOT_FOUND
.androidpolice.com/	1970-01-20 19:46:25	Name: _ga Value: GA1.2.1417938177.1649713510
.androidpolice.com/	1970-01-20 02:16:39	Name: _gid Value: GA1.2.1176036198.1649713510
.androidpolice.com/	1970-01-20 02:15:13	Name: _gat Value: 1
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_1d Value: AU1D-0100-001649713510-UF6WEURI-IQ2L
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_apn Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_ttd Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_pub Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_adx Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_halo Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_goo Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_ppnt Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_taboola Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_rub Value: 1649713510262
.androidpolice.com/	1970-01-20 11:00:49	Name: _au_last_seen_unruly Value: 1649713510262
.adnxs.com/	1970-01-20 04:24:49	Name: uuid2 Value: 3830264896767608717
.adsrvr.org/	1970-01-20 11:00:49	Name: TDID Value: e0f06328-7540-4457-a8f4-8475c932f669
.spotxchange.com/	1970-01-20 11:00:49	Name: audience Value: a85ecac0-b9e0-11ec-ac43-13ae17dc0506
.pubmatic.com/	1970-01-20 04:24:49	Name: KADUSERCOOKIE Value: 55E95DC9-9D85-42AE-85D5-50AA354A59DB
.doubleclick.net/	1970-01-20 11:36:49	Name: IDE Value: AHWqTUkbz-3rytfy1bBV7l9Xmhmk7yMjCVVyv7riS7telzl7le8rGpdFvO3uG9zVbhE
.casalemedia.com/	1970-01-20 11:00:49	Name: CMID Value: YlShZUalbMAnFbULSDv0jAAA
.casalemedia.com/	1970-01-20 04:24:49	Name: CMPS Value: 5201
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 5dd3b0b9fecd5de2
.3lift.com/	1970-01-20 04:24:49	Name: tluid Value: 1398871617316515942189
.casalemedia.com/	1970-01-20 04:24:49	Name: CMPRO Value: 1158
.casalemedia.com/	1970-01-20 02:16:39	Name: CMST Value: YlShZWJUoWUA
.narrativ.com/	1970-01-20 15:24:20	Name: uid_bam Value: 1771366392888207511
.androidpolice.com/	1970-01-20 11:00:49	Name: _clck Value: 1q8ujyu\|1\|f0j\|0
.ad.gt/	1970-01-20 19:46:25	Name: last_seenpbm Value: 1649713509288
.ad.gt/	1970-01-20 19:46:25	Name: au_id Value: AU1D-0100-001649713510-UF6WEURI-IQ2L
.ad.gt/	1970-01-20 19:46:25	Name: first_seenpbm Value: 1649713509288
.ad.gt/	1970-01-20 19:46:25	Name: last_seenadnxs Value: 1649713509288
.ad.gt/	1970-01-20 19:46:25	Name: first_seenadnxs Value: 1649713509288
.ad.gt/	1970-01-20 19:46:25	Name: last_seeng_hosted Value: 1649713509287
.ad.gt/	1970-01-20 19:46:25	Name: g_hosted Value:
.ad.gt/	1970-01-20 19:46:25	Name: last_seenadx Value: 1649713509289
.ad.gt/	1970-01-20 19:46:25	Name: first_seenadx Value: 1649713509289
www.androidpolice.com/	1970-01-20 02:16:39	Name: _lr_geo_location Value: DE
.androidpolice.com/	1970-01-21 04:32:01	Name: _awl Value: 2.1649713509.0.5-8fe180aea6529c68b9f04ae8e69ee082-6763652d6575726f70652d7765737431-0
.creativecdn.com/	1970-01-20 11:00:49	Name: u Value: MOGMityV0UCAEO88XOL0
.creativecdn.com/	1970-01-20 11:00:49	Name: ts Value: 1649713509
.adscale.de/	1970-01-20 10:57:29	Name: uu Value: 471124476dd4488dba62d58d410661f7
.androidpolice.com/	1970-01-20 02:16:39	Name: _clsk Value: 8b1bjq\|1649713510911\|1\|1\|j.clarity.ms/collect
.ad.gt/	1970-01-20 19:46:25	Name: last_seenpulsepoint Value: 1649713509346
.ad.gt/	1970-01-20 19:46:25	Name: last_seentd Value: 1649713509436
.ad.gt/	1970-01-20 19:46:25	Name: first_seentd Value: 1649713509436
.ad.gt/	1970-01-20 19:46:25	Name: last_seenhaloid Value: 1649713509461
.ad.gt/	1970-01-20 19:46:25	Name: first_seenhaloid Value: 1649713509461
.ibillboard.com/	1970-01-20 11:00:49	Name: ibbid Value: BBID-01-03244275096888590-16574040
.adform.net/	1970-01-20 02:58:25	Name: C Value: 1
.androidpolice.com/	1970-01-21 04:32:01	Name: _admrla Value: 2.0-8fe180ae-a652-9c68-b9f0-4ae8e69ee082
.adform.net/	1970-01-20 03:41:37	Name: uid Value: 7664849246464647927
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a544989 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a550070 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a307080 Value: MOGMityV0UCAEO88XOL0
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a502624 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a550214 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a306708 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: vmuid Value: 41bc5d6c4d28a63c
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a307565 Value: 471124476dd4488dba62d58d410661f7
.criteo.com/	1970-01-20 11:36:49	Name: uid Value: 4be83004-97ab-4dec-9333-7652f8fdc60e
.ad.gt/	1970-01-20 19:46:25	Name: last_seenunruly Value: 1649713511512
.mathtag.com/	1970-01-20 11:41:08	Name: uuid Value: c9296254-a167-4e00-9aa9-23c7f63c2156
.adscale.de/	1970-01-20 10:57:29	Name: cct Value: 1649713512078
.m6r.eu/	1970-01-20 02:15:17	Name: test Value: true
.m6r.eu/	1970-01-20 04:24:49	Name: cct Value: 1649713512193
.m6r.eu/	1970-01-20 04:24:49	Name: id Value: 4c1282cb6039858166f45ece591b3909
.ih.adscale.de/	1970-01-20 10:57:29	Name: tu Value: 4#1750812131#48~4c1282cb6039858166f45ece591b3909~458253~0~0#101~BBID-01-03244275096888590-16574040~458253~0~0#38~CAESEAxtaCaiFepxXTR8SFHOLc8~458253~0~0#39~~458253~458253~1#40~4be83004-97ab-4dec-9333-7652f8fdc60e~458253~0~0#42~~458253~458253~1#75~3830264896767608717~458253~0~0#63~YlShZUalbMAnFbULSDv0jAAA&1158~458253~0~0
.ads.pubmatic.com/	1970-01-20 02:16:39	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 04:24:49	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 02:16:39	Name: pi Value: 0:4
.pubmatic.com/	1970-01-20 04:24:49	Name: DPSync3 Value: 1650844800%3A197_219_201%7C1649721600%3A174
.pubmatic.com/	1970-01-20 04:24:49	Name: SyncRTB3 Value: 1650844800%3A21_13_56_54_220_7_161_3_8%7C1650931200%3A35
.quantserve.com/	1970-01-20 04:24:49	Name: d Value: EJUBCwHwJfijAA
.quantserve.com/	1970-01-20 11:45:27	Name: mc Value: 6254a168-86509-321d8-d594e
.pubmatic.com/	1970-01-20 04:24:49	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 04:24:49	Name: KRTBCOOKIE_80 Value: 22987-CAESEGPQFYTFRdidO9ZawW0Yhvo&KRTB&16514-CAESEGPQFYTFRdidO9ZawW0Yhvo&KRTB&23025-CAESEGPQFYTFRdidO9ZawW0Yhvo
.pubmatic.com/	1970-01-20 04:24:49	Name: KRTBCOOKIE_153 Value: 1923-0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh&KRTB&19420-0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh&KRTB&22979-0S_u0oYs7d7KJe3T1yT21dUsv97Kee7f03ga_3Kh
.pubmatic.com/	1970-01-20 04:24:49	Name: KRTBCOOKIE_377 Value: 6810-e0f06328-7540-4457-a8f4-8475c932f669&KRTB&22918-e0f06328-7540-4457-a8f4-8475c932f669&KRTB&23031-e0f06328-7540-4457-a8f4-8475c932f669
.pubmatic.com/	1970-01-20 04:24:49	Name: KRTBCOOKIE_57 Value: 22776-3830264896767608717&KRTB&23339-3830264896767608717
.simpli.fi/	1970-01-20 11:02:15	Name: suid Value: 0C3A652F00E440C6A79FF91BF0EB1333
.de17a.com/	1970-01-20 10:53:37	Name: guid2 Value: 1.6579280529943216144
.pubmatic.com/	1970-01-20 02:58:25	Name: KRTBCOOKIE_391 Value: 22924-7664849246464647927&KRTB&23263-7664849246464647927
.pubmatic.com/	1970-01-20 04:24:49	Name: KRTBCOOKIE_27 Value: 16735-uid:c9296254-a167-4e00-9aa9-23c7f63c2156&KRTB&16736-uid:c9296254-a167-4e00-9aa9-23c7f63c2156&KRTB&23019-uid:c9296254-a167-4e00-9aa9-23c7f63c2156&KRTB&23208-uid:c9296254-a167-4e00-9aa9-23c7f63c2156
.pubmatic.com/	1970-01-20 02:58:25	Name: KRTBCOOKIE_336 Value: 5844-6579280529943216144
.pubmatic.com/	1970-01-20 02:58:25	Name: PugT Value: 1649713512
.console.adtarget.com.tr/	1970-01-20 03:44:30	Name: a307406 Value: ${UID}55E95DC9-9D85-42AE-85D5-50AA354A59DB
.onaudience.com/	1970-01-20 11:00:49	Name: cookie Value: 352ceb93d548178d
.onaudience.com/	1970-01-20 02:16:39	Name: done_redirects104 Value: 1
.pubmatic.com/	1970-01-20 02:58:25	Name: SPugT Value: 1649713512
.crwdcntrl.net/	1970-01-20 08:43:58	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 08:43:58	Name: _cc_id Value: bc13dcc5f112ad6f592a4c30ae9cfcd8
.onaudience.com/	1970-01-20 02:16:39	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 11:00:49	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjsnoPy0oPOOhAFGAEgASgCMgsI1J2fpOmDzjoQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/	1970-01-20 02:16:39	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 11:00:49	Name: zc Value: 39d0c5a9-9b85-4bf5-7e12-6d86104992f0
.zeotap.com/	1970-01-20 02:16:39	Name: zsc Value: %C1%BD%86%22%F4%CB%3DB%F4%D3%FB%CF%A5%F4m%E1%2C%88~%100%3B%82%9A7%C1%22U%88iY%1E%11%99%1B%A84x%94%AE%B9%C5%13%DC%F9TV%D0%C0%E6%86%E7%AFbp%F2%C1%FB%FF%C2%D2%C4C%10%CFt%ED6%1F%C9%92%A5%9B%E6%A1%A0%B7%D6n%1D%F0x%23
.bing.com/	1970-01-20 11:36:49	Name: MUID Value: 1692755FFB876247171E64DCFAEC6372
.yahoo.com/	1970-01-20 11:01:11	Name: A3 Value: d=AQABBGmhVGICEMTlGdVOZIcQSeHSfskppZoFEgEBAQHyVWJeYgAAAAAA_eMAAA&S=AQAAAgkplyUGWce-6GXVj3A85KM
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:47:07	Name: bcookie Value: "v=2&09b1aa06-a89d-4ff2-876f-cc7172ed9560"
.linkedin.com/	1970-01-20 19:37:53	Name: li_gc Value: MTswOzE2NDk3MTM1MTM7MjswMjHqDmkT3i5t5gyk1cil3fm1wIw6gVw3KxFVL5IpkggGQQ==
.linkedin.com/	1970-01-20 02:16:39	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2280:u=1:x=1:i=1649713513:t=1649799913:v=2:sig=AQHIZ9yYKj5H549D52ilLi_J7BPud7st"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ads.pubmatic.com
adscale-emea.adnxs.com
ampcid.google.com
ampcid.google.de
androidpolice.disqus.com
api.narrativ.com
app.convertkit.com
ats.rlcdn.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.parsely.com
cm.adform.net
cm.g.doubleclick.net
creativecdn.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
events.release.narrativ.com
f.convertkit.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.halo.ad.gt
ids.ad.gt
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.getadmiral.com
j.clarity.ms
js.adscale.de
live.primis.tech
ls.skimresources.com
match.adsrvr.org
mwzeom.zeotap.com
p.ad.gt
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
r.skimresources.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.skimresources.com
scarfsmash.com
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.narrativ.com
static1.anpoimages.com
stats.g.doubleclick.net
sync.1rx.io
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
t.skimresources.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
tracking.m6r.eu
trc.taboola.com
u.openx.net
um.simpli.fi
unpkg.com
video.primis.tech
www.androidpolice.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
hbopenbid.pubmatic.com
ih.adscale.de
13.248.245.213
142.250.186.162
143.204.202.34
151.139.128.11
169.50.137.182
172.217.16.130
178.250.2.151
18.156.195.47
18.194.211.85
18.209.251.242
185.184.8.90
185.33.220.217
185.33.220.243
185.64.189.110
185.64.190.78
185.64.190.80
185.64.190.81
185.94.180.124
185.94.180.126
198.148.27.139
198.47.127.20
199.232.192.134
20.85.30.134
213.155.156.181
213.19.147.45
216.200.232.253
23.205.235.133
23.206.210.112
23.35.236.201
23.35.236.247
23.88.75.188
2600:9000:2057:ac00:1a:5235:f980:93a1
2600:9000:206f:8400:f:4f64:8940:93a1
2600:9000:206f:de00:8:48e:53c0:93a1
2606:4700:10::ac43:25e7
2606:4700:10::ac43:db6
2606:4700:3034::6815:4466
2606:4700::6810:7baf
2606:4700::6812:ba39
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:21::14
2620:1ec:27::cafe:1774
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9a
2a04:4e42:600::300
2a05:d018:d29:3601:2d23:8be0:67ab:2c3
2a0c:5c81:5139::2
3.124.87.92
3.127.195.44
34.120.117.212
34.209.98.169
35.160.251.62
35.186.249.84
35.190.59.101
35.190.91.160
35.201.67.47
35.244.159.8
35.71.131.137
35.85.185.37
37.157.2.239
37.157.4.23
44.196.161.176
44.236.132.100
46.105.202.126
51.79.83.225
52.205.167.202
52.36.66.109
52.46.154.242
52.57.177.81
52.7.229.166
54.154.13.151
54.71.86.183
62.149.0.72
62.209.227.211
65.9.61.60
65.9.66.173
65.9.7.88
65.9.7.89
69.173.144.139
69.173.144.165
70.42.32.95
72.251.244.140
83.229.84.43
99.86.4.40
0202e59060242c55972c39c482ccefb652b2be1f838b187a3a798fc265e1b2f1
0354523989a6a22810b07ad548141ab44d45273f1d1fc6d38d855e4ed3da6148
0375b396ee741813158bda96fabc3295611b9ca67cd367aa31193cf80dacfe95
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05fde9258245fd1d1558ca071a747faedbd1a573c67e512d6b728cba8d6a37b8
0620b5470d6197fe8eca3d308344e72022c02a26d6b5b60ada5ee9a666ca1031
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077c8ecb8d6c0434c84a974bf662d9b37ab26e6f72dbf18da4628826e62eda7a
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
080c760d2a4e1c8621dff7b4e4c593d9260086e9e573ce366fa849f5b8087970
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f25eef1f15c5be98d251cc8b60a3cdaf0bb23672d313c8a62dd2037bbb7488e
0f4020071f4d6fbd6e07ddb16daf4859441c7454a0c733b019f7cb1adc8f4d49
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
29a0e976549a639335ce33ead598dbade6a5f2d479edd35d4794a8edae0e3f8c
2a8dc5e7973e37d9fdb55a0208d2c7c2c676acecc673152f17b06bffb4d53c4a
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2b66247da7613add904f309f31bc20655e84437d3135f414bfbcc3b85817b33e
2d982a78b1da56ba84ff4f57aad9715cef56b27e56f4ed18f5b831a0f4d7d2e6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
3717387e3630f57e40a6c09a720cadf34e2963686caf83debfc57b881ca38fd2
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebd48eeaa509b91a335155dc3652935661e8dfa070da5c09848dd87d2f2f221
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4030095476183bad3ae6bddbf7a6d9e779b6923506604aa1ca0af24b75318e00
41fa7e8ffbcaa5ce69d951687de0cb45b8e98ea9473635a75615cf49d3b2ff1c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
46e15ddd3f3583786961d72eb1a81b34bc9dad89240a461dcf02b43c6aa9e9c7
479f3efcd9820d350b21a3c82d42d88f0476e4ed7133607fb39c0e74c56efedf
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b3f9cfb0906d42c830920a7a3421e88209843ed315abea5069b32ccd2b23a1c
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bafb239c4816cee20669f90a921942c19c74e161210b242369caab201f473fa
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5bc36c57c9cdd5313b7a6c4e905fc0e2cfbcd7d622d357a09d9c7df78fe7d0b8
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
624d529e0da6719af2df6d25615df0c3a7b2dd28c015a731dd0341f0600c5d12
62e7c4f1854029f0916985354a44fdd2d4bee70411ef19c60a61a58edd86b6e0
6378f6326c6b8ed5ba7c9dd71718f4acfab15effd24a9c83974e4e8ea473879e
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a8804158a5f56af60a232fa06013e913c22968bc0d44cf8c8a291358c8637e6
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6e93d1b859f23d7f47d5dcf4f74fd35c7ff0fa39c68c2a08e6319ddb94f6925c
7bbb5b543aca3691cee2243154bf594fda1b9956128590613c078426b9ad0dcc
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ea26c2e155afa821d8a157303a6dc302c9d1740b36ae5313f0ece87a60c1e8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855ba186047446b87318c982a61bf91d72b12e17301277334e081445f3203edc
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
884582d4b6370eb776a511ac94861a1cc45393e41f23710d2474ca76fa2c2b67
8b0d1446f412484a2a7d1abb46ddc5de128d8aaf11b1fe04ac729ee4830c5e5b
8c352bcebbe3046083f6ca5d9a31517fd23f5af468cb339b337d336641fda940
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dad17c7c62057440ce13ba42120968005b66d0d7125df6b3086e8588fded21e
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f4ceae3400cae443d1a36c3f74365515df3c207043eb96253f9ef897d0f7ad8
9115bbf3b3dee88764e74ecdf31c2234ece91aa42a596a1d3ba11925662777ba
918364a73caf4036df5be027775e42071b8ffc323a2211e205335ece8dde772c
926952e0833e0acb9dd02fdbbe59bb8be77f8e7571aaedc900649b9513500e8b
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
97df5f65dd260a4cde3d8d42bb685542594a37623c00696ea2d4514231df5924
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d031fa1225eed152e62073f838ce174b9e7583a40da84447d037ea8cd4f58e
9ee624c0a3c67e5f8a400b3208c6a790098f7b147d1486fcb45320cda3bf1242
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d4ef5ef85cc4d366e6243cb31efe8b2b5a93c9b0718e6c4bcd616958cd6e7d
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3b4adf2dda0777c333a1d0c2432189f702da5bdcf6ef0265800de5c2b652a50
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a67018822be9ae8cc6ed10d4ff70b63c65b4d635eb50f70a3047ca49292b89c8
a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af3586471cfc537f882544072145fcd3503f72335cd674c56cc7bd2a57c33d9d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18421f791ed55b57d1332aa82f9a2707aad4d4bc51ca2e4bf5b15da88f014c9
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b7b7fb37ec681a6a1bd507ce80613c7343fb3b394b29e21e7b11d6a6df933f68
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6522af7a20ae1bf996bd269370ff19e0f91b47a4f8fa500cde726918b24fd5
c14d02462fa3ebcb2d1592ea7e41fc00ec069d4d1ee8f7108e3ed5e1828789f7
c16fe63d5e6c3d1acc9b2aedec440d98db4ebd7ea1bdfe9f26aab74e7be91a7e
c2f1e02e54fe66adc0d5f1f06048c30bb7cdf2645b7e0fc48c881923868f5f27
c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40
c631e4d102656a3a7198c082ed19a6357337fecc6098f4bd180263b39dd24ea2
c64f94d2ed5ae961d006b486cc47c40d102f6c3d1a70288f9fe715c1e2d1ac8b
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c9c969c534018935993ccb32e0057bb637ba4898ed5784b8a86302961e3f0e99
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
ca69e85bfa33d67c2001304584f3896ea16134f79b1d07015a2c28634aeed06b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26722e46b6160f5002ed50941243b07040e2b9b84481688c7256d4fb742684d
d655f4580ee2f1d719b8e8b1b85624eea242583a334f509da8210480cd89f765
daac16a8dcbf772343d560088f23516e8235ab8c3450cae85cc1c61ad4aa6db2
db4d48c3e294d7db7e2805ccd3e3fe19d7d0ea2f6400fa7a7381fe35178d21de
dc581e9f8209a6d552fdd853e8ed7b453779e5d8e571f78a5962e6bcfd7fecb0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48fde2cb2231b5015dde8184889cd767b3ca8d1d95dc28fb3b56803ebba0a1f
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
e823594261a2f0c2fccb10873ce5fa0ced638a44793100a222c105e7dcb61823
e8fd802ce5042d308a2d650c3db8f60b2bd3b884f34d6ceabe0631a3a9e226f5
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eb9c336e75dec080ef0627aaca14525db3f84bbd94be053f63b474b1a102910c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ffeed0ceb0e14dfa1f0bd0fa79520b976f0ef6644190e09a2a1520feb76322
f6fd75fb01de97b1b21c911ec58dc9295de5a9f2a524658accbb063b4aa1ef76
fca6b070b821816ad70c9922f8a4cb64b93d7206d96bd777fc63dd3f46169a6e
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

www.androidpolice.com Open in urlscan Pro 44.196.161.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

206 Requests

82 %HTTPS

28 %IPv6

60 Domains

100 Subdomains

78 IPs

12 Countries

4971 kBTransfer

8999 kBSize

111 Cookies

14 Outgoing links

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.androidpolice.com Open in urlscan Pro
44.196.161.176 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

82 %
HTTPS

28 %
IPv6

60
Domains

100
Subdomains

78
IPs

12
Countries

4971 kB
Transfer

8999 kB
Size

111
Cookies

206 HTTP transactions
0 data transactions