URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Submission: On November 15 via api from GB — Scanned from GB

Summary

This website contacted 29 IPs in 5 countries across 23 domains to perform 87 HTTP transactions. The main IP is 13.32.27.24, located in United States and belongs to AMAZON-02, US. The main domain is www.xatakandroid.com. The Cisco Umbrella rank of the primary domain is 210631.
TLS certificate: Issued by Amazon on May 2nd 2022. Valid for: a year.
This is the only time www.xatakandroid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.32.27.24 16509 (AMAZON-02)
17 18.66.248.119 16509 (AMAZON-02)
5 52.222.236.124 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
3 2600:9000:224... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 185.59.220.194 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
3 18.66.248.19 16509 (AMAZON-02)
17 178.79.242.181 22822 (LLNW)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.207 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 188.65.124.90 41690 (DAILYMOTI...)
1 2a03:2880:f11... 32934 (FACEBOOK)
4 188.65.124.59 41690 (DAILYMOTI...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.91 41690 (DAILYMOTI...)
1 2a00:1450:400... 15169 (GOOGLE)
3 168.119.15.224 24940 (HETZNER-AS)
2 151.101.130.207 54113 (FASTLY)
1 188.65.124.66 41690 (DAILYMOTI...)
87 29
Apex Domain
Subdomains
Transfer
19 weblogssl.com
img.weblogssl.com — Cisco Umbrella Rank: 105632
recommendations.weblogssl.com — Cisco Umbrella Rank: 137767
627 KB
17 dmcdn.net
api.dmcdn.net — Cisco Umbrella Rank: 46954
static1.dmcdn.net — Cisco Umbrella Rank: 6147
vendorlist.dmcdn.net — Cisco Umbrella Rank: 10111
s1.dmcdn.net — Cisco Umbrella Rank: 8060
651 KB
8 blogs.es
i.blogs.es — Cisco Umbrella Rank: 85825
ab.blogs.es — Cisco Umbrella Rank: 137662
74 KB
4 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 7317
726 B
4 dailymotion.com
www.dailymotion.com — Cisco Umbrella Rank: 6369
speedtest.dailymotion.com — Cisco Umbrella Rank: 7635
dmxleo.dailymotion.com — Cisco Umbrella Rank: 6208
30 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 11460
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 413
469 KB
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 14989
flowcards.mrf.io — Cisco Umbrella Rank: 15398
25 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
3 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3305
58 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6669
159 KB
2 gstatic.com
www.gstatic.com
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
graph.facebook.com — Cisco Umbrella Rank: 126
582 B
2 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8560
cdn.pbstck.com — Cisco Umbrella Rank: 9962
52 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
92 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
89 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
17 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3108
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
449 B
1 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 17611
3 KB
1 gravatar.com
www.gravatar.com — Cisco Umbrella Rank: 3686
15 KB
1 xatakandroid.com
www.xatakandroid.com — Cisco Umbrella Rank: 210631
31 KB
87 23
Domain Requested by
17 img.weblogssl.com www.xatakandroid.com
img.weblogssl.com
14 static1.dmcdn.net www.dailymotion.com
static1.dmcdn.net
www.xatakandroid.com
5 i.blogs.es www.xatakandroid.com
4 pebed.dm-event.net www.dailymotion.com
static1.dmcdn.net
3 events.newsroom.bi sdk.mrf.io
3 imasdk.googleapis.com www.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 ab.blogs.es www.xatakandroid.com
3 img.youtube.com www.xatakandroid.com
3 sdk.privacy-center.org www.xatakandroid.com
sdk.privacy-center.org
2 flowcards.mrf.io
2 www.gstatic.com static1.dmcdn.net
www.gstatic.com
2 www.dailymotion.com api.dmcdn.net
www.dailymotion.com
2 recommendations.weblogssl.com img.weblogssl.com
2 www.googletagmanager.com img.weblogssl.com
2 connect.facebook.net img.weblogssl.com
connect.facebook.net
1 s1.dmcdn.net
1 dmxleo.dailymotion.com static1.dmcdn.net
1 s0.2mdn.net imasdk.googleapis.com
1 speedtest.dailymotion.com static1.dmcdn.net
1 vendorlist.dmcdn.net static1.dmcdn.net
1 www.google.co.uk www.xatakandroid.com
1 www.google.com www.xatakandroid.com
1 stats.g.doubleclick.net www.google-analytics.com
1 graph.facebook.com connect.facebook.net
1 cdn.pbstck.com boot.pbstck.com
1 www.facebook.com connect.facebook.net
1 boot.pbstck.com www.googletagmanager.com
1 sdk.mrf.io www.xatakandroid.com
1 api.dmcdn.net img.weblogssl.com
1 cdn.insurads.com img.weblogssl.com
1 www.gravatar.com www.xatakandroid.com
1 www.xatakandroid.com
87 33
Subject Issuer Validity Valid
*.3djuegos.com
Amazon
2022-05-02 -
2023-05-31
a year crt.sh
weblogssl.com
Amazon
2022-07-04 -
2023-08-02
a year crt.sh
*.blogs.es
Amazon
2022-01-06 -
2023-02-04
a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-23 -
2023-11-23
a year crt.sh
*.privacy-center.org
Amazon
2022-04-09 -
2023-05-08
a year crt.sh
*.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-08-24 -
2022-11-22
3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2
2022-04-29 -
2023-05-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA
2022-09-11 -
2022-12-10
3 months crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-10-23 -
2023-11-24
a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3
2022-07-04 -
2023-07-04
a year crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA
2022-10-12 -
2023-01-10
3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA
2022-10-16 -
2023-01-14
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
www.google.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
www.google.co.uk
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
speedtest.dailymotion.com
ZeroSSL ECC Domain Secure Site CA
2022-10-11 -
2023-01-09
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-10-25 -
2023-01-17
3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3
2022-10-17 -
2023-01-15
3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-10-23 -
2023-11-24
a year crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA
2022-10-26 -
2023-01-24
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Frame ID: 98ED24FB307569E4F30C36EDA2849C76
Requests: 57 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Frame ID: 4E7D75F9128C3F04D605696E4C5D8DBF
Requests: 25 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E786115B31A4E68ED201904E0713DBA9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Frame ID: FD9F77AB8BB02340AF34AC8DF33283A7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Así es el spyware BadBazaar, el Pegasus chino que está en más de 100 apps de Android

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

87
Requests

100 %
HTTPS

55 %
IPv6

23
Domains

33
Subdomains

29
IPs

5
Countries

2433 kB
Transfer

8371 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
www.xatakandroid.com/seguridad/
113 KB
31 KB
Document
General
Full URL
https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
/
Resource Hash
cd6db5d55b2a6686066cbf2a10ebcfa99eaaa0eba58734dd9ca5ac2a01c3faeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
countrycode
GB
date
Tue, 15 Nov 2022 06:05:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
surrogate-control
content="ESI/1.0"
vary
Accept-Encoding
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-id
yP5IGv56bE_7gFBdjzo_IsdPbcIUWzvDplsfBpYHnEARbngR29rftQ==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-clientip
217.138.196.100
prebid-gdpr-v6.21.1.js
img.weblogssl.com/LPbackend/vendor/
284 KB
88 KB
Script
General
Full URL
https://img.weblogssl.com/LPbackend/vendor/prebid-gdpr-v6.21.1.js?v=460586f3
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
208dde22ba246b2965fdc4d0fc1bc4ea291a3adef9a1b562aec2fcbb99925446

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:55:09 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 12:51:01 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
699
etag
W/"d060ad3fe3324133a584acc5762ea319"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3200000
x-amz-cf-id
6HP0pU43DUoTUJ8Pq4IpoG5uUB7BDGHJxlMMB3n7jN_Bfe6x3cCnxA==
main.css
img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/
1 MB
134 KB
Stylesheet
General
Full URL
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0014e42d2d2ee937e7921473b1e5645132e03a3b30f57f03ff7f8197b6ee21f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:11 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 13:10:08 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60542
etag
W/"a6702bcf9b9ee54f5dca24f6c79c4c8e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=30000000
x-amz-cf-id
mjZz-M3nMpqx0HhzoRPHDPeEy7onjp4-_1tz1W2cUPUU525crSm3bw==
1366_2000.webp
i.blogs.es/086050/malware/
37 KB
37 KB
Image
General
Full URL
https://i.blogs.es/086050/malware/1366_2000.webp
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53bbdb662b4362cf177521780d3ffe6be0ae82b232f8d1afdf709421f04e1a88

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:06:46 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 09:48:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
71907
etag
"d5e6fa8451c66315c9c6f23564f564d6"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=32000000
accept-ranges
bytes
content-length
37938
x-amz-cf-id
wD9uvbJ5Cj3sU7t4VyynES2SDSEbMuOFarwKl9YE6uBJw0cayCwsog==
1d38d7e3b96a79cb5a017de47126217d
www.gravatar.com/avatar/
14 KB
15 KB
Image
General
Full URL
https://www.gravatar.com/avatar/1d38d7e3b96a79cb5a017de47126217d?s=80&d=mm&r=g
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7cf75412b0586b0e41a0bd9de2e69265502ee29ae3041dd3e923f2f23aa5aa24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nc
HIT lhr 4
date
Tue, 15 Nov 2022 06:05:12 GMT
last-modified
Wed, 07 Sep 2022 07:46:03 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1d38d7e3b96a79cb5a017de47126217d.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1d38d7e3b96a79cb5a017de47126217d?s=80&d=mm&r=g>; rel="canonical"
content-length
14707
expires
Tue, 15 Nov 2022 06:10:12 GMT
375_142.webp
i.blogs.es/13f67d/androidvirus/
6 KB
7 KB
Image
General
Full URL
https://i.blogs.es/13f67d/androidvirus/375_142.webp
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1deba264a88795b95a59027f3fb1cf8e149d873440061215915a4fc0c95b72c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:06:46 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 18:09:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
71907
etag
"80789e3b441c19ef1511ec95a2129b2d"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=32000000
accept-ranges
bytes
content-length
6642
x-amz-cf-id
TOnEtJewE_aFnh2fA5RKfKA_6e3pv1MY-bnyIb4echul5lMcfmZxlA==
loader.js
sdk.privacy-center.org/7bd10a97-724f-47b3-8e9f-867f0dea61c8/
13 KB
5 KB
Script
General
Full URL
https://sdk.privacy-center.org/7bd10a97-724f-47b3-8e9f-867f0dea61c8/loader.js?target=www.xatakandroid.com
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
98474a698e91974fc76a4c5fe2c8b74d3b4ec771fb79b267b99dfd658ee3773e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:12 GMT
content-encoding
gzip
via
1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
DUS51-P1
etag
"5fdac52678d57de4443d90dbf2502b3a"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
4359
x-amz-cf-id
AT5BcJK_p5XGZrjVTDMbr-DxIWIbcZR6od6btw3Y6v2HUThAbDJePA==
mqdefault.jpg
img.youtube.com/vi/l92GL2Ps0xI/
22 KB
23 KB
Image
General
Full URL
https://img.youtube.com/vi/l92GL2Ps0xI/mqdefault.jpg
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd302a04e14afc60001c39fdd53e9552f112bb80bec02ba57839794c42aa6bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:23:20 GMT
x-content-type-options
nosniff
age
2512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22657
x-xss-protection
0
server
sffe
etag
"1667569109"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 15 Nov 2022 07:23:20 GMT
mqdefault.jpg
img.youtube.com/vi/YQSqTj2NJHI/
20 KB
20 KB
Image
General
Full URL
https://img.youtube.com/vi/YQSqTj2NJHI/mqdefault.jpg
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ffc89a5d2284a855dacd3279abab5e43dd865d0f09b8c0e3ac99d136a490801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:16:51 GMT
x-content-type-options
nosniff
age
2901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20779
x-xss-protection
0
server
sffe
etag
"1667838316"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 15 Nov 2022 07:16:51 GMT
mqdefault.jpg
img.youtube.com/vi/FpMsOJ67-a8/
15 KB
15 KB
Image
General
Full URL
https://img.youtube.com/vi/FpMsOJ67-a8/mqdefault.jpg
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
589af6ab790a2e2f354e7641b1a052445d6e68b842f8fba297599b118638a520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:59:41 GMT
x-content-type-options
nosniff
age
331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14987
x-xss-protection
0
server
sffe
etag
"1666887785"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 15 Nov 2022 07:59:41 GMT
postpage-460586f3.js
img.weblogssl.com/LPbackend/prod/v2/js/
906 KB
229 KB
Script
General
Full URL
https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2aa65cc702e2bf1c019414f33484e7ad8d0fd74b0dec0074d6135369ccc71ac3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:55:09 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 07:41:50 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
697
etag
W/"08d6b1ac7d6683dd85e418036cc6510a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-id
oul5GLfP9aGhPZ1ne_1p_OlsBgFdtHrCvz2fAKOtgJuhn2ymLKjWJw==
sdk.cfc7dff97586d9e789a09962d604231ffdb3f62e.js
sdk.privacy-center.org/
475 KB
96 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.cfc7dff97586d9e789a09962d604231ffdb3f62e.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/7bd10a97-724f-47b3-8e9f-867f0dea61c8/loader.js?target=www.xatakandroid.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
199b6b617441dde669cdce6c37802320e0c4bec7d3e4cc5f87e696962495028b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:57:38 GMT
content-encoding
gzip
via
1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 10:53:22 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1668422883/ctime:1668422883/gid:0/gname:root/md5:4bc41bf01247737cdff570938922fbb1/mode:33188/mtime:1668422883/uid:0/uname:root
x-amz-cf-pop
DUS51-P1
age
68855
etag
W/"4bc41bf01247737cdff570938922fbb1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
gAFg1VWqzTlL9K6g2JrsRiD_wSE1tGw2j1oGJMkHAfLlPUoXrBxZBA==
line-canvas.svg
img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/images/
1 KB
960 B
Image
General
Full URL
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/images/line-canvas.svg?v=153
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bbea25cc01ba9b6a38b3d2f810fb36ea51736e402e8be253155bc223b057622

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:12 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Tue, 13 Mar 2018 15:27:28 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60541
etag
W/"039112084071557423ff2b2a742b2d2e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=30000000
x-amz-cf-id
zM0i3qbK9Bmh7PfrWCebATIPtt4E6zvobeHe-ICh2Laj1JACkTAJDQ==
logo-edge_light.svg
img.weblogssl.com/g/r/svg/webedia/
6 KB
3 KB
Image
General
Full URL
https://img.weblogssl.com/g/r/svg/webedia/logo-edge_light.svg?v=153
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a05bbe3e1d42f2339ae2d6aa6612dc5a5a1ff8f25252853f2b46e5673a0252d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:12 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Mon, 16 May 2022 08:29:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60541
etag
W/"28c251aee885ca9d04d9139530ab20f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
qLzgUT273GC5aVyckP7SeE8GxMCHgu-Z3RKvQj3HE2LtI-QUGYgQsA==
head-brand-logo.svg
img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/images/
9 KB
3 KB
Image
General
Full URL
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/images/head-brand-logo.svg?v=153
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d1a5248706df739942272291e5e24ae518d91a50fdfca8bb5beacbc84b87b34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:12 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Tue, 13 Mar 2018 15:27:24 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60541
etag
W/"988e689bcb1d233a43bbc35342ca24f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=30000000
x-amz-cf-id
C1LGRDRfdwCFnNLD7yF31-7SXBXaF4tZ-pARaWyJEkqKwMGiBebhPw==
icon-fire.png
img.weblogssl.com/g/r/svg/
1008 B
1 KB
Image
General
Full URL
https://img.weblogssl.com/g/r/svg/icon-fire.png?v=153
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ab17e8bc3643997f26bbef40677b44acd0e71d10c2663a26f8326b7c095ac9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:12 GMT
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jul 2019 10:42:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60541
etag
"dffaeb59a843985a8200769ac04b442d"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1008
x-amz-cf-id
eRR6gBV8wmou1kDoaOKust5_nx6oS4u9oeaY839PuMHtUjHl-WkQdQ==
tofino_regular-webfont.woff2
img.weblogssl.com/g/r/fonts/
25 KB
26 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/fonts/tofino_regular-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d3c7428a9340184fdcf160acdf6bb87efd87165a671aeb343520a22a3f2846d

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:54:39 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
634
x-cache
Hit from cloudfront
content-length
25764
last-modified
Thu, 21 Oct 2021 06:18:46 GMT
server
AmazonS3
etag
"791212a7626e430aaee8433a6ee49646"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
1PVUpj77zhlKvH5akm1srapcOIa0LLvFAnvYMmg9wj_Efo1PaSDWZg==
icons.ttf
img.weblogssl.com/g/r/icons/
27 KB
17 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/icons/icons.ttf?bv12vh9
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24b23d99aaf9540063f0ff1bde9191cde2ac85a2f7c5685fe43fc7dd6a1c5fd3

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:11 GMT
content-encoding
gzip
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 09:22:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60542
etag
W/"7f5b2e18c2fb87a62ceebdb7bfb038aa"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
application/font-sfnt
access-control-allow-origin
*
x-cache
Hit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
VJLA2tdvBRtgb1gxdtmrzpY7sq8HwmIji-DKNcAaorfTBsyJ9-bKKA==
tofino_bold-webfont.woff2
img.weblogssl.com/g/r/fonts/
25 KB
25 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/fonts/tofino_bold-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e6e2c6850694985f529126a28d71141375fd08787ca7abac3d9137be8f4b057

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:44:47 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
1225
x-cache
Hit from cloudfront
content-length
25204
last-modified
Thu, 21 Oct 2021 06:18:46 GMT
server
AmazonS3
etag
"99c0bd3a43dc9fd03ca1781c61c09e6f"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
k7r-FakMhXoTJfgQpWslvrU4vsxovwDkjmaqLASsPM7LEIBc_rWSjg==
charter_regular-webfont.woff2
img.weblogssl.com/g/r/fonts/
22 KB
23 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/fonts/charter_regular-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50a0050e04d8c49be258c2bea7ad79619303071fcb6b00df50f21ef9d8d85c6a

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:54:39 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
634
x-cache
Hit from cloudfront
content-length
22544
last-modified
Tue, 04 Jun 2019 07:49:52 GMT
server
AmazonS3
etag
"554cdfa4043584554c8ef63e1c94a6e0"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
3O5MtkboX56fqS79zH6RDIuJAx1t-666_VCKNWoqZxhk8z4mpUlYMA==
charter_bold-webfont.woff2
img.weblogssl.com/g/r/fonts/
22 KB
22 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/fonts/charter_bold-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3666e4a2a4292705eb7c1df421862c318bdbc7119a7b822acdc3fdb8f2d1c9a

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:56:37 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
516
x-cache
Hit from cloudfront
content-length
22432
last-modified
Tue, 04 Jun 2019 07:49:52 GMT
server
AmazonS3
etag
"a58cea76dc73b44a0ac0bebdfe2f4985"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
KSkOmwT6EOw1m8IELL-OQ2peyZoWZvfKTAUqu0vnVSmpX-_CqTrhDg==
tofino_medium-webfont.woff2
img.weblogssl.com/g/r/fonts/
25 KB
25 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/fonts/tofino_medium-webfont.woff2
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52cd4c98082867738a9f27e30d46276a136d5b9bc81b102361e9bb2a32097e4d

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:54:39 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
634
x-cache
Hit from cloudfront
content-length
25512
last-modified
Thu, 21 Oct 2021 06:18:46 GMT
server
AmazonS3
etag
"512cb6a2d5c843257a3f25c1c200d41b"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
nuW-teeqPcXLRIRWRLZ28TjDB0Q0RXM9MFTgQtL8m-jHF4vQ8CuFFg==
favicons.ttf
img.weblogssl.com/g/r/icons/
18 KB
13 KB
Font
General
Full URL
https://img.weblogssl.com/g/r/icons/favicons.ttf?n3rtsy
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fdafd7201c8df373fd5e675e75573201c5ab543d05b00843987a5f749efdbb4

Request headers

Referer
https://img.weblogssl.com/css/xatakandroid/p/skin-site-xataka-d/main.css?v=1668431422
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:16:12 GMT
content-encoding
gzip
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
last-modified
Wed, 01 Jun 2022 06:59:33 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
60541
etag
W/"044df3c1d4f9f47c0265e241d8ed1a6b"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, HEAD
content-type
application/font-sfnt
access-control-allow-origin
*
x-cache
Hit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
3aVBDtKqb0-F7TmgifeCxIocExvJbwJDHOFlMrrHGuEAD92miYiCgA==
dailymotion-460586f3.js
img.weblogssl.com/LPbackend/prod/v2/js/
12 KB
4 KB
Script
General
Full URL
https://img.weblogssl.com/LPbackend/prod/v2/js/dailymotion-460586f3.js
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23a5b3e79d0416aae662f875cfd473ae0338de8ea69865e5de506780e39350f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 05:55:10 GMT
content-encoding
gzip
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 07:41:43 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
663
etag
W/"99e4938ed3fce47f132a1faf1fdfb62d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-id
3gVzKEh_X5MvEvpg_uPwdq9kPualU4XwDnCnyUcmKfppiswJQinnKQ==
sdk.js
connect.facebook.net/es_ES/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/es_ES/sdk.js
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
122474e723373617ff53ad7b32c60017d10b05c3992348a3c6242866a1ee9455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 15 Nov 2022 06:05:12 GMT
content-md5
m/pFa4gbnBk3uCRR6tgMqA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
nH+EJkrQK1OLMtnuW1cxt71FUMQodxcpFwZ7ZWcrTfGDGm++CkJDCcC3xxQwWgtUvofVcV4JPJw4BzBObcIwxA==
x-fb-trip-id
686109401
x-fb-content-md5
e2464d96f46ff40660ca6c5690bef9cb
cross-origin-opener-policy
same-origin-allow-popups
etag
"54409335a9e475773a0b308b95f8408b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 15 Nov 2022 06:20:21 GMT
KMWM4DLN.js
cdn.insurads.com/bootstrap/
7 KB
3 KB
Script
General
Full URL
https://cdn.insurads.com/bootstrap/KMWM4DLN.js
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE-713 /
Resource Hash
6c8be240924a0abacd1918f131f5f39d6afc3bab17c1ad7d4f510b7c3861b9ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:12 GMT
content-encoding
gzip
cdn-edgestorageid
713
x-amz-request-id
3KJR6C64JV3K0FJQ
cdn-cachedat
08/20/2022 03:40:19
cdn-pullzone
55316
x-amz-id-2
PXaLV0YblGNRqvjmkuS8n78Wpo/qTKMGqYNLnHLeEljCGBC5y4bCBXu6Oyf33rW2hs4kq/O9LtA=
last-modified
Tue, 01 Feb 2022 19:19:49 GMT
server
BunnyCDN-DE-713
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"e2ef8dbd86e46c1c1ba4423b2b8f71f1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
98820d5dbf599ca47afb7acf21b40f17
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
126 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB7BQ4F
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7ebddfd12f590b6e2444b88caa1383577aede09b7a2a246e2fbc4da008751b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48331
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Nov 2022 06:05:12 GMT
gtm.js
www.googletagmanager.com/
131 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWST58M
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9952afd310c02179e4d8f723ce45ce20ad0ffdd248d68edba771989c2a0806b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Nov 2022 06:05:12 GMT
xatakandroid
recommendations.weblogssl.com/editorial/
2 KB
1 KB
XHR
General
Full URL
https://recommendations.weblogssl.com/editorial/xatakandroid
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:b400:16:9f91:2d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
d62636ee49e7ab42d37acf1021a7622e8b46f6f5498d18812153bccd3e6c9a93

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 04:41:00 GMT
content-encoding
gzip
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
5053
x-powered-by
Express
etag
W/"84e-fC+/SBHA6PIPEJzJM4NrUxrA4LM"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
HrOAkOqRkTo4bTl0xWp1ZbQjbk1T84WJR0pQmybzFlEvYrKEnkyVBA==
GB
recommendations.weblogssl.com/xatakandroid/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android/
5 KB
2 KB
XHR
General
Full URL
https://recommendations.weblogssl.com/xatakandroid/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android/GB
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/postpage-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:b400:16:9f91:2d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
843ad4173fdc81fed5efe7c7914593e77e676273c3a4790243217641ef0214e4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-powered-by
Express
etag
W/"12d5-McnD3nL03wQbrHbT2nfvgNvkoNo"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
SL4kmh-QNsj3PZdUPB8Hh5fiZW3hYUs-cFOO1-1o6LuMdlLKkQJS8Q==
avatar.png
img.weblogssl.com/css/xatakandroid/p/v6/images/
609 B
961 B
Image
General
Full URL
https://img.weblogssl.com/css/xatakandroid/p/v6/images/avatar.png
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d59c76a636de1d2b640ef3eec7b48cdecb5725dc48b972bbab2e8549f81e92e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 03:29:42 GMT
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Tue, 13 Mar 2018 12:24:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
12018931
etag
"57e34a3688dbbda4784821bab40fae37"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=30000000
accept-ranges
bytes
content-length
609
x-amz-cf-id
6kxSxtZ4wXIyxehoFkcKSLUPTTpzsY97R6aWDjh0qDIm-5-oQYjFnQ==
ui-gdpr-en.cfc7dff97586d9e789a09962d604231ffdb3f62e.js
sdk.privacy-center.org/
276 KB
58 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.cfc7dff97586d9e789a09962d604231ffdb3f62e.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.cfc7dff97586d9e789a09962d604231ffdb3f62e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3800:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1211ad5098026fa42f3f341c40f7b7ae4572ad734b0cf809fd5e1da15a141c9f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 10:57:38 GMT
content-encoding
gzip
via
1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 10:53:50 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1668422883/ctime:1668422883/gid:0/gname:root/md5:b8f421ab9a24fc9937f630c69b07d0c5/mode:33188/mtime:1668422883/uid:0/uname:root
x-amz-cf-pop
DUS51-P1
age
68856
etag
W/"b8f421ab9a24fc9937f630c69b07d0c5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
0AH5nOt3xdsHeBpTzEljMK-SCab3kys2ONryQCv-JTE7_VqL6WA7Vw==
abtest.png
ab.blogs.es/
923 B
1 KB
Image
General
Full URL
https://ab.blogs.es/abtest.png?editorialRecommendations=view&device=desktop
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 17:30:25 GMT
Via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P1
Age
6179689
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
YaWeyxEU7VPf9y9K8j_zp6PZMNMVWT-mqqfRuJP25uL0fFfvKqEHWg==
all.js
api.dmcdn.net/
29 KB
11 KB
Script
General
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: img.weblogssl.com
URL: https://img.weblogssl.com/LPbackend/prod/v2/js/dailymotion-460586f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
a486a5eaec40b9f65f15e630f77f5530b91ccecf1e0d18a5c5c2d218e7584edb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
30176
server-timing
total;dur=0, dc;desc="dc3"
content-length
11001
last-modified
Tue, 18 Oct 2022 08:55:52 GMT
server
DMS/1.0.42
etag
"634e6a18-7574"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-llid
0ee19d680e1c8dc7259f8a3510fd2a41
expires
Tue, 15 Nov 2022 21:42:17 GMT
sdk.js
connect.facebook.net/es_ES/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/es_ES/sdk.js?hash=2d204654d7e813a0076cf8dd1af18bf3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64702fcc5fcafd573164219792590bcce078b32dcc7eab0d998476ece06dbdcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.xatakandroid.com/
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 15 Nov 2022 06:05:13 GMT
content-md5
tLy43O9TF/3NvCWQPF4Tng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88412
x-fb-rlafr
0
x-fb-debug
MMZpN057g9KsC4Is6gW8uqVQGbCEWeFLsxFvvdowDbvJS0nat5sfQVZ+FEvCaKSnP7CVSxBVPPN2OGtLxVZ9NQ==
x-fb-content-md5
4a1dc240db3f123bf50f31113b723565
cross-origin-opener-policy
same-origin-allow-popups
etag
"a1bc8692893ad9c2b22bf02add4ec9ea"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Nov 2023 05:19:06 GMT
xatakandroid-logo-canvas_dark.png
img.weblogssl.com/g/brands/logos/
9 KB
10 KB
Image
General
Full URL
https://img.weblogssl.com/g/brands/logos/xatakandroid-logo-canvas_dark.png
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-119.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dccbcc173fab8052b6e3004b2529c9c86db8db757a12814478c9109149a8c1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:16:51 GMT
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 12:36:02 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
13574903
etag
"e64984616d475d0198a84e47f969c7d3"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9440
x-amz-cf-id
JAYZFCSHk25McruYVa1-qEh78nIxldexeJMXhlMnkuX-3FQlBlMIqQ==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB7BQ4F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 15 Nov 2022 05:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2424
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 15 Nov 2022 07:24:49 GMT
marfeel-sdk.js
sdk.mrf.io/statics/
86 KB
24 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=2097
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4d61c58e7b1bacb8ccf4ba602ec0f2c51c9c330b65628a0bb168e7c7693ba2c

Request headers

Referer
https://www.xatakandroid.com/
Origin
https://www.xatakandroid.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
br
x-b3-traceid
6f6a0ed42e8b4d72ac447300fb7e33e9
x-amz-cf-pop
LHR61-C1
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
c45bddf38e3d49de8f61732e118df1a9
content-length
23815
x-served-by
cache-lcy19231-LCY
last-modified
Mon, 14 Nov 2022 16:17:30 GMT
server
AmazonS3
x-timer
S1668492314.541821,VS0,VE0
etag
W/"39b71f3e13cef9546ee36cb4f2d69dff"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
mXza0N4twNakJFbJ4hDGDSlfVfR4mPLFkZH8kg_AQEZJ7v8-k6qeTw==
x-cache-hits
2
47641324-b0c6-4480-8b5c-793a59aebabc
boot.pbstck.com/v1/tag/
1 KB
857 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/47641324-b0c6-4480-8b5c-793a59aebabc
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWST58M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e71e943c6bd023d3085dd3f805d6c4f4d3ab79a1521b2c804624ac5ceb5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
76a5cb3fbfb97756-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
150_150.jpg
i.blogs.es/57d4bc/antivirus-mario/
13 KB
13 KB
Image
General
Full URL
https://i.blogs.es/57d4bc/antivirus-mario/150_150.jpg
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1217f16aab1b9897b8cc0850c26eb65a258cd6674b421b071ad80bb22d5c9251

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 13:37:50 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2018 11:41:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
318444
etag
"1c22f6d01e2dcb22b333588f5683dfcd"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
accept-ranges
bytes
content-length
13210
x-amz-cf-id
goCuRMDEkcR1cmH8FckvGLEgYhHmssVP32-SwNqb6_wHlQ9C4GRDkA==
150_150.jpg
i.blogs.es/4c2a7e/google-pixel-fold/
4 KB
5 KB
Image
General
Full URL
https://i.blogs.es/4c2a7e/google-pixel-fold/150_150.jpg
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70e7b80fc7ed74d5f48c205c41ecb2e2a7f5498690473b5948dfe39dcf18261a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 22:56:31 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 22:28:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
25723
etag
"bc05322cb4b0a92550f859b2cd4c756d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
accept-ranges
bytes
content-length
4423
x-amz-cf-id
WrE2DyV6rYTuIO_2xQf920wduxIwAMo7LLGhKTPF5hHNWUgUwRpd6w==
150_150.jpg
i.blogs.es/88ce75/fabby-google-2/
8 KB
8 KB
Image
General
Full URL
https://i.blogs.es/88ce75/fabby-google-2/150_150.jpg
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cda3aa3d7da19cc08aabbed621a103399214bdc38c684a8c31209b73460e113d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
last-modified
Tue, 14 Jun 2022 13:02:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"416aece76430a7de8961da6602279113"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=32000000
accept-ranges
bytes
content-length
7844
x-amz-cf-id
WasAkmjAm1ehw5KR4_UK8zeoGXZ3RvYmqZSGwGb97SkHg29M0Qjs7Q==
abtest.png
ab.blogs.es/
923 B
1 KB
Image
General
Full URL
https://ab.blogs.es/abtest.png?recommendationsAction=view&device=desktop&recommendationVersion=210
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 04:58:20 GMT
Via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P1
Age
7261614
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
OqDBrPluQLYxzFRIZJmvA5j3ohAlawSNiClfATB02eyD0BmSVUyR0Q==
abtest.png
ab.blogs.es/
923 B
1 KB
Image
General
Full URL
https://ab.blogs.es/abtest.png?sidebarRecommendations=view&device=desktop&recommendationVersion=210&containers=v9,homePagePosts,v7
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 01 Nov 2022 10:47:15 GMT
Via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 Nov 2015 10:49:20 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P1
Age
1192679
ETag
"129f05c18a5cedaa173c43366af65ca0"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
923
X-Amz-Cf-Id
jWFPVI7yYeTfnXpPKyHxFDrOqItfVTXENxLXtR5CMuI9f6s1gxV_1A==
x801azu
www.dailymotion.com/embed/video/ Frame 4E7D
44 KB
16 KB
Document
General
Full URL
https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
c660a607f8cf7af6c5def74378d4360f63d18611ab0968367c31210ec0e74349
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://www.xatakandroid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
14694
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Tue, 15 Nov 2022 06:05:13 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Link
<https://static1.dmcdn.net>; rel=preconnect
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Server-Timing
total;dur=42, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=195946050422925&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js?hash=2d204654d7e813a0076cf8dd1af18bf3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 15 Nov 2022 06:05:13 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
+U4AdjZy0Bz2DXPRZM9gg3e2Gi0fqCyHEPHgoDEIlt/WlLRfz6Qo4ceG9hunltD4egGxAVToWo9Obsl5JghQnA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.xatakandroid.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collector-dcfd314.js
cdn.pbstck.com/
188 KB
52 KB
XHR
General
Full URL
https://cdn.pbstck.com/collector-dcfd314.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/47641324-b0c6-4480-8b5c-793a59aebabc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b7568a7ae60cc5a7b58698ea7a8efb978664f9c0e5b9744e7c5722d1dc480b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
br
cf-cache-status
HIT
age
424490
x-guploader-uploadid
ADPycdvLR5__eRJ43ujrXybbjan6yVhBxQDqj1Krf24lmRNmRAXpjZkyg9kjvrcS6w-7fmKCwUXu6Q8S5WxGjvzLlPNenQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Oct 2022 13:00:08 GMT
server
cloudflare
etag
W/"81b51b5c7e77565009c57838f4e7f40a"
vary
Accept-Encoding
x-goog-hash
crc32c=cEqTDw==, md5=gbUbXH53VlAJxXg49Of0Cg==
x-goog-generation
1666702808137150
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
52079
cf-ray
76a5cb40ba1a8e38-LHR
expires
Thu, 17 Nov 2022 07:53:57 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1088151987&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&ul=en-us&de=UTF-8&dt=As%C3%AD%20es%20el%20spyware%20BadBazaar%2C%20el%20Pegasus%20chino%20que%20est%C3%A1%20en%20m%C3%A1s%20de%20100%20apps%20de%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1291419416&gjid=725416014&cid=388260028.1668492314&tid=UA-679927-33&_gid=236294012.1668492314&_r=1&gtm=2wgb90NB7BQ4F&cg1=post&cg2=%C3%A1lvaro%20garc%C3%ADa%20m.&cg3=seguridad&cg4=normal&cg5=221114&cd2=no&cd4=157241&cd5=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&cd6=2022-11-14&cd7=XTA&cd8=postpage&cd9=1&cd10=0&cd11=11&cd12=Technology&cd13=2022-11-14T11%3A04&cd14=seguridad&cd15=malware%2Cspyware&cd16=%C3%81lvaro%20garc%C3%ADa%20m.&cd17=normal&cd19=GB&z=1247337276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 06:05:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xatakandroid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp.jq_flight.3033f0d7176196134921.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
41 KB
15 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.jq_flight.3033f0d7176196134921.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
1898795
server-timing
total;dur=1, dc;desc="dc3"
content-length
14940
last-modified
Thu, 20 Oct 2022 14:03:57 GMT
server
DMS/1.0.42
etag
"6351554d-a5dc"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
84b0a25595d89be52b8ab882a71d88bd
expires
Wed, 23 Nov 2022 06:38:38 GMT
dmp.photon_manifest.2c5ee259e18c6dc055cd.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
4 KB
2 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.2c5ee259e18c6dc055cd.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d48f7e64aeeef2e7d1c7506638b3414284d6ca51014c69db5302d2833cd702fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
77652
server-timing
total;dur=0, dc;desc="dc3"
content-length
2020
last-modified
Mon, 14 Nov 2022 08:27:18 GMT
server
DMS/1.0.42
etag
"6371fbe6-113c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
68cb634531a2afb194220f314349c361
expires
Wed, 14 Dec 2022 08:31:01 GMT
dmp.photon_vendor.cb0d857b291806973621.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
334 KB
101 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f74a32e5a4f6d1cae28c38950b2295074af158c8c1d30af26cd94151cf62ce15

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
49183
server-timing
total;dur=0, dc;desc="dc3"
content-length
103108
last-modified
Mon, 14 Nov 2022 08:27:18 GMT
server
DMS/1.0.42
etag
"6371fbe6-5371b"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
be9cf3da4e75fb54ae2d3cf9ed80ebf4
expires
Wed, 14 Dec 2022 16:25:30 GMT
dmp.photon_boot.3f677ca6b0f9a0cb7c3f.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
193 KB
45 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.photon_boot.3f677ca6b0f9a0cb7c3f.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2da1554426327c299fc13c5dcbd205694cf50a09d990a897dd5c3bbd93d86d65

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
680248
server-timing
total;dur=0, dc;desc="dc3"
content-length
45229
last-modified
Fri, 04 Nov 2022 18:39:56 GMT
server
DMS/1.0.42
etag
"63655c7c-3049c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
cb046021bf3ad5ad49fa0e445051dc18
expires
Wed, 07 Dec 2022 09:07:45 GMT
dmp.photon_app.260c69f2c989b97f2210.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
485 KB
135 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.260c69f2c989b97f2210.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d0054b6ec34a3672b42e9b053aa98c465e09bbbd012bb240d18d46a2107868d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
77652
server-timing
total;dur=1, dc;desc="dc3"
content-length
137476
last-modified
Mon, 14 Nov 2022 08:27:18 GMT
server
DMS/1.0.42
etag
"6371fbe6-793d9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
ea2dbdd9850735ab3608877b23aebb4b
expires
Wed, 14 Dec 2022 08:31:01 GMT
dmp.photon_player.e0a67999252abf1f29e6.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
90 KB
27 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.photon_player.e0a67999252abf1f29e6.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9e49999e407e8d227c0b6e5cd23c0f0ff59c27b1f44319b28f90723fe681ff5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
712037
server-timing
total;dur=1, dc;desc="dc3"
content-length
27005
last-modified
Fri, 04 Nov 2022 18:39:56 GMT
server
DMS/1.0.42
etag
"63655c7c-1663a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
a027bc2075948161b8c3888f20ec6afa
expires
Wed, 07 Dec 2022 00:17:56 GMT
/
pebed.dm-event.net/ Frame
0
0
Preflight
General
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method
POST
Origin
https://www.dailymotion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Content-Length
0
Date
Tue, 15 Nov 2022 06:05:13 GMT
Server
edward-ed/2.2.1
dmp.locale-en-US.331ac040134065321ad6.json
static1.dmcdn.net/playerv5/ Frame 4E7D
3 KB
1 KB
XHR
General
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.331ac040134065321ad6.json
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b06fc6631868407530d7e4bd9eb906da343a3e5b6e13ae77781ce78fbcc4be57

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
1897819
server-timing
total;dur=0, dc;desc="dc3"
content-length
838
last-modified
Fri, 21 Oct 2022 09:37:12 GMT
server
DMS/1.0.42
etag
"63526848-b40"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
08f3a2664da7a3911d533a38ef68f73d
expires
Wed, 23 Nov 2022 06:54:54 GMT
/
pebed.dm-event.net/ Frame 4E7D
15 B
363 B
XHR
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/
accept-language
en-GB,en;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Tue, 15 Nov 2022 06:05:14 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
x801azu
www.dailymotion.com/player/metadata/video/ Frame 4E7D
16 KB
12 KB
XHR
General
Full URL
https://www.dailymotion.com/player/metadata/video/x801azu?embedder=https%3A%2F%2Fwww.xatakandroid.com%2F&locale=en-US&dmV1st=4EA41DD1A5A28B3C0F213700CBD8B593&dmTs=114425&is_native_app=0&cust_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
f0ab80f1a9d650f5579c12e6fe1932583f57cb5931282c8b75f4b6ae9c4d3243
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Tue, 15 Nov 2022 06:05:13 GMT
Server
DMS/1.0.42
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL,Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Server-Timing
total;dur=177, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
11451
dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
60 KB
16 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
d02f0eac80179ced49946852170823b5bbdf962effc707f12b1a42ef10618c1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
age
2188023
server-timing
total;dur=0, dc;desc="dc3"
content-length
16257
last-modified
Thu, 20 Oct 2022 14:03:48 GMT
server
DMS/1.0.42
etag
"63515544-f061"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
fe4ceab8e2461eb77bc6a5f595276c07
expires
Sat, 19 Nov 2022 22:18:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4E7D
370 KB
124 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.dailymotion.com
URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4f3769d3a4c9425cc97f4ae34f880d78604cb6877a987243f5b84ffa10e425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126378
x-xss-protection
0
expires
Tue, 15 Nov 2022 06:05:13 GMT
/
graph.facebook.com/v8.0/
152 B
582 B
XHR
General
Full URL
https://graph.facebook.com/v8.0/?fields=engagement&id=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&method=get&pretty=0&sdk=joey&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/sdk.js?hash=2d204654d7e813a0076cf8dd1af18bf3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1263448dfd7d86603d924aed911bb685e86c7442ea968637590e591531a5cc1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 15 Nov 2022 06:05:14 GMT
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1006607340
alt-svc
h3=":443"; ma=86400
content-length
152
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
N8bsOZC/jgq9vTvtGHrG4pw/SWXqCoCoCeKxxJhMhoz3hN+Ny0lOcORVbwjTZA15u6xBNhScA6Vv7Jh1fxhtTA==
x-fb-trace-id
EqAEB1jnZCJ
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Akc8OEAZ1gBAXProosXYAXz
cache-control
no-store
facebook-api-version
v9.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
7 B
449 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-679927-33&cid=388260028.1668492314&jid=1291419416&gjid=725416014&_gid=236294012.1668492314&_u=YEBAAEAAAAAAACAAI~&z=1239532380
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 15 Nov 2022 06:05:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xatakandroid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-679927-33&cid=388260028.1668492314&jid=1291419416&_u=YEBAAEAAAAAAACAAI~&z=864935586
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 06:05:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-679927-33&cid=388260028.1668492314&jid=1291419416&_u=YEBAAEAAAAAAACAAI~&z=864935586
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 06:05:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-list.json
vendorlist.dmcdn.net/v2/ Frame 4E7D
395 KB
53 KB
XHR
General
Full URL
https://vendorlist.dmcdn.net/v2/vendor-list.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.vendors~photon_app.be3e4bb5739df6aedd03.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AmazonS3 /
Resource Hash
17c9d5ca43ed7fc8999db7dbc5ed6ff3f8169a9e98ede0f1d3bd3024273a4c85

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
KvGR_19VuNz_3zoDXYb8Wx0neg5l0Up9
content-encoding
gzip
via
1.1 61f7d27ce8f4df7e325eea9eb0ff9a12.cloudfront.net (CloudFront)
date
Tue, 15 Nov 2022 06:05:14 GMT
x-amz-cf-pop
CDG3-C2
age
395707
content-length
53263
last-modified
Thu, 10 Nov 2022 16:05:26 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
178.79.244.59
x-amz-cf-id
TrgzwDGNXodlfrrz8FlUuH1WHw_g4beGv8yUzJC6lLgFW0w1t36a9g==
x-llid
4e440058f0ad6b84a2a60a5b83da4f48
expires
Thu, 17 Nov 2022 16:10:07 GMT
dmp.omweb.ee6e6979792a1b55d936.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
37 KB
13 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.omweb.ee6e6979792a1b55d936.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.2c5ee259e18c6dc055cd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
412e61e2f390d10ae07906c3d86f2dd97e80512eb5fde0044f89309fea6ea310

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
age
1498738
server-timing
total;dur=0, dc;desc="dc3"
content-length
13008
last-modified
Fri, 28 Oct 2022 07:53:44 GMT
server
DMS/1.0.42
etag
"635b8a88-93ed"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
9163725bca1cfaf32f040e701c4c966f
expires
Sun, 27 Nov 2022 21:46:16 GMT
dmp.omid_session_client.70930bd5001b8104a1c9.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
60 KB
12 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.omid_session_client.70930bd5001b8104a1c9.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.2c5ee259e18c6dc055cd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
cd91b4de292647e6b4b176c9f29976dd1c6d54190a5edbb467e8b42868f0f24e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
age
1898793
server-timing
total;dur=0, dc;desc="dc3"
content-length
11922
last-modified
Thu, 20 Oct 2022 14:03:48 GMT
server
DMS/1.0.42
etag
"63515544-f17e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
76b7c3c639db07bd1c36c0dce6b270ba
expires
Wed, 23 Nov 2022 06:38:41 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4E7D
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.260c69f2c989b97f2210.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Nov 2022 06:05:14 GMT
latencies.js
speedtest.dailymotion.com/ Frame 4E7D
7 KB
2 KB
Script
General
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.260c69f2c989b97f2210.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 15 Nov 2022 06:05:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Tue, 15 Nov 2022 12:05:14 GMT
Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
static1.dmcdn.net/playerv5/photon/fonts/ Frame 4E7D
36 KB
37 KB
Font
General
Full URL
https://static1.dmcdn.net/playerv5/photon/fonts/Retina-Regular.039feafb8e07151a9fa79dd01263f273.woff2
Requested by
Host: www.xatakandroid.com
URL: https://www.xatakandroid.com/seguridad/asi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
last-modified
Thu, 20 Oct 2022 14:03:48 GMT
server
DMS/1.0.42
age
2002163
etag
"63515544-9118"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
37144
x-llid
2d9a80fd585073960869ad3738dc7c68
expires
Tue, 22 Nov 2022 01:55:51 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E786
370 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.260c69f2c989b97f2210.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba4f3769d3a4c9425cc97f4ae34f880d78604cb6877a987243f5b84ffa10e425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126378
x-xss-protection
0
expires
Tue, 15 Nov 2022 06:05:14 GMT
/
pebed.dm-event.net/ Frame 4E7D
15 B
363 B
XHR
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_vendor.cb0d857b291806973621.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
X-Dm-EventBus-Worker-Duration
0
Referer
https://www.dailymotion.com/
accept-language
en-GB,en;q=0.9
X-Dm-EventBus-Compression-Duration
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Tue, 15 Nov 2022 06:05:14 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame
0
0
Preflight
General
Full URL
https://pebed.dm-event.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-dm-eventbus-compression-duration,x-dm-eventbus-worker-duration
Access-Control-Request-Method
POST
Origin
https://www.dailymotion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
604800
Content-Length
0
Date
Tue, 15 Nov 2022 06:05:14 GMT
Server
edward-ed/2.2.1
cast_sender.js
www.gstatic.com/eureka/clank/107/ Frame 4E7D
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/107/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 08:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 15:03:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 15 Nov 2022 08:56:25 GMT
bridge3.544.0_en.html
imasdk.googleapis.com/js/core/ Frame FD9F
690 KB
221 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.544.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dailymotion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
486168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226556
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 15:02:26 GMT
expires
Thu, 09 Nov 2023 15:02:26 GMT
last-modified
Wed, 09 Nov 2022 14:58:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame E786
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Nov 2022 06:05:14 GMT
ingest.php
events.newsroom.bi/
126 B
630 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2097
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
168.119.15.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy05-new.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAcgqwBYKEIvHuhmd

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.xatakandroid.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
active
flowcards.mrf.io/json/
800 B
755 B
Fetch
General
Full URL
https://flowcards.mrf.io/json/active?site_id=2097&page_technology=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f7cc26ee770e17672a60b77b430b1dee3a3dc566b7517dab4892021e3aa3408d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
x-b3-traceid
f7b408e749554d76ba9d711d1aab8771
x-cache
HIT
mrf-cache-status
H
x-envoy-upstream-service-time
1
x-b3-traceid-primal
e0cbe65eeb294a34a68dfe4c13563805
content-length
422
x-served-by
cache-lcy19224-LCY
server
istio-envoy
x-timer
S1668492315.811119,VS0,VE1
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1
dmp.dynamic_quality_switcher.0a12c2909359ea7f8b11.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
22 KB
7 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.dynamic_quality_switcher.0a12c2909359ea7f8b11.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.2c5ee259e18c6dc055cd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
3ef22eac12cbbff104e247617db0aea70ec73b94bad362f55b838c07cd5d1dac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
age
678750
server-timing
total;dur=0, dc;desc="dc3"
content-length
7230
last-modified
Mon, 07 Nov 2022 09:28:37 GMT
server
DMS/1.0.42
etag
"6368cfc5-580a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
4846c86f575caeb36b417be872bf90a6
expires
Wed, 07 Dec 2022 09:32:44 GMT
dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
static1.dmcdn.net/playerv5/photon/ Frame 4E7D
189 KB
54 KB
Script
General
Full URL
https://static1.dmcdn.net/playerv5/photon/dmp.vendors~hlsjs_stable.607603975ee410c63a10.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_manifest.2c5ee259e18c6dc055cd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
age
1562245
server-timing
total;dur=0, dc;desc="dc3"
content-length
54717
last-modified
Thu, 27 Oct 2022 14:30:19 GMT
server
DMS/1.0.42
etag
"635a95fb-2f204"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
c1c7e0b6a2fa9b7f53d33fc2799d5d75
expires
Sun, 27 Nov 2022 04:07:49 GMT
x801azu.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 4E7D
0
277 B
Script
General
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x801azu.m3u8?auth=1668665113-2562-ox75cl27-8ecb3c51d131bbbd28c250465d7329c64y_hjLbyBpr7n3rUippqq0nzCdDZbCGTxC5vsHSq6UqgJLVuAGwauoNqmR4kVnblK2Y6TsMpCDcULvf4kTBQuISplhmFq9NkU1_chdX-mxUmXcaspaV2DOPkHJE7f8unvetfHRCDuwCoNmeNVBjpVaTfwfVHi-7qXNxpmWIGBfrHaU1DREVG8j6Eyemhc0uT2zYHkMMJE9SsVrUSHfJwQ3z9nO9oow2vlwReFttc8b45QUHRiue06nMrIzpIJN4Y2oot6ZgjV-Q5h5oEi6ix1QHZpYQmzGxqIUTH5XBXwcj9ZL2Rzfe28Q1bMmp8krRnBCattYBZu8eIYFBt-1DIJx58oNjnTMkt2Niziyhcw7SABJfHI1IPMeNhujCZI1d9U_gvnQKZVwRVpGIO8oAtS0trTznw3nZ62JAlyVjTum-9sjGOpGwB-n79-RYSWys9bDoLuPKELcOVSTpliK9LETHI_Nd183IJdT4uJsvX18qh_iW9ZwpPu9pJ6nubDUKOPWwzks-pum0eagtKxIZcV1LMlI7VZOi-JB3UzrTl3eMitng0y47QRCrF_I8LLtjZhquPc-05GI8hGRHrYTbsnKnorg5QgOkB7WVeKcAp2LP0zNUpPJ-Jo5oD5yioB5ZJ6JvtLptiN307ucIAEOb4Y7omglvbFc0UPLHvGPLymdr10fIRY-4deNAkLrl35jv8wXZaNq6ZAByFjQ4o2skHh8jYli7YObMSxFx21YzyDrKmZI_p9VzNAu3NpAcTrxHOp5Q7xR7uQhv2xgCibQJULH_SuDsXZknLGnN04f-SkbJ9jS5XHrvBD6sklzfNWAWfeVpTFbbJiObBu9DF7b1m0hpTFbpKzlTHxLr64FRTxLtqk7AdP6FB8bNNXQcD_Bt3AprsCwqGLSO_cmkd7O56YruapkcJm2yCmsUGvOrIAnoLvWipg5LURoyVpnIcrh9bD8NH1GCHbK5KHc-gawPjlpaze6PjKbKFdXZNxoBRjxVy2zTP1JIa1f9EZytD9vA7pbOr3BNHBAEopg0BNYCco8SLbCAw3Nd_DzMu_zp7zZsEc34YSpGCaofYwzztmgPYGmLyEJ-TKXgDDOjDzItzhVmogs7weAG0hwmuTsP8YHIiDxb-X72hi5pTrmXDlr1jq6rZ8yWvHy_xEjBLw-tsiFBVLJZc4WmCoYV9Mf108qVjjcxRuaZL9TBopd-o-ImOegHbrGQXk6ZnastwJMM5JGzdPv6hGmYdesQ5Asl01wiNusjSQs9uPFgo8aIPERWw3kveYZ0K6ty6C5Cp2eWJJTwPCIdp770a7NM79h_ZM3A5-8C7rIDh7AEmzhaovczMx6uQ0C_WGR6Rp-r5Wtx4SM71U05XKKc_uC3ttyZqEo78LEdpv6UZkBfOHeqIa1Jwg1sKgeFuqeqEUcaFzu4MgfmA20S4D3l9EGaeOBsr9BbcY8bEUC8fExQybY0cZgdk1p0IH22dYOBWcYYK5qn1HWZpG6IXl6P-ILi2jTFjIw-Aa10NaeDkwZsuvFIQqNv1x7rfRzjnxzVY5it4wgiZh_F2nboqpVaLnPrwbxX3ccLkpqv4Nk-ZNl96TNf3aFxOu7ZU1rQC392B58M-u_PbNTQydu3cz2xAN6QxL4r2tzwPeQjH5cNSkXw0yOC751uVPut9ZZxeHh1b1EmCX4xbkEU3HJFrCILQx0Y14eIq8ne6EH4hsV4ffKp-fnbcQoQ_CskpHuxAErTxm17v12f3O3Rfto5GtLw3SZWUqBbQnSwKsJ-XjVPMCAgqfvifd2LzmkzPFQaY5Y2BszEDuxTq-3Im5tuSRAEsWUaTahlfgXzcao7nXbkO-ClDRm3CNIYMCYZQR4snwLUM4Id8QeWakyULoYYXa4wklbtq1fBtU8WTainuLsg5mOjf_zZXGizKv5ifesgs0-bpf2pJouNOZtqICcf5vgh68qHKDNwKMLZOgdmK9LR1GIVU3IB9wjReaQUs06Vr8YtsBtUoswG3c7AL-J2Ir43JsK_d_fAgLxJ74-KAdGLC0n44uF3wku9DvLVyNGvgGIDwBLTvAFjNQzqHQ1M8XRCaZpvmb4HuRWTGYqym04IsCh4ev987-nBq2W623FyhCFAzxB657gNgcN9JoSPXuNmopIWL3VCXskxxqnNPVs0SjF_punuk6Lus1z_T7yH7obCcehaYaWOUhRxz2InDdUWEmurr-Jejgx23BevrfXcmK7rYgnj2x-G4F_hMPXjmkUZStma7MSOs3oZeWFoGbPjcCXiL22B9iuZ3MOXtN1tr0oo3YbRpWE3n9UkNrv7J3ZulPzPuCbhW9kVE1stL3v33iUUxix_3i3FqwQD4F1F9C2GEW7w_2Ovu7Z1dCKPs0_s9B597fblGPJ4AIgYgsmh6PgdeTz4Oc_a7YV0cSKNbiicHu-R505fussf3UwzSMT73L8fzam9b9QMgfCmKd7C0ULBmKBK999w14_cAkEnKq8dTwnnfsES8dxjhKR2ltz2rr7FVOjOTA8jcHq3gtUtHzwNnWGWSXWthRF4nWZ4PG2gLIbJgNhSKb-dMQYWgpleVdBTNqPVSn1BhgvvMOX-IwfPlan7Jl59zTe1QEczuXB5EQZ5AX1BwPwh0v913pHO9ItOOEWcIlMfPFARxmhAncxWGnwYv0qxosbobcRG6WTP9GdA3uA0giRzBuYZBdXhqvA61VxdeW-EkRqPX3PbEab64VaXzWRISni1bM1B1PKFbeRZFAW6bteN_JP5KWCGY6bYSSN75HtKZag8gFd_ppj7RHInLaq9aN7du7ik4VlnrnFPllS8QCSw5fYbL3xNxMF-rUffatr5k9YM2FhuUibqIIImMi3VRbwJdb5VLPfpiWW7uqIh8OQIZYLPFlGs5qi9ZoA__U5bhTtrc0tjJNMmeF5tLHdjZO3vQqnoGCxm-fpGQVFOMs-4ExuDwIYqtfeo_aWNDuXw3YakIUGlxeNwex9fH3oIAdcEPFKyv_bm1ORVAg0HVe6ituNMTLqr-Ooo2KkLMpTXN1hTrvUzPqn7h_Ye6-lDIS1P0Rr5ebT0-lPk_Rd1BADARnsTzg__BpaEXm2fIIlFiQXOw7a4CLFM2_J1AQXuwDhTE5MvkxEF9cuOTKhPXXrFgODkCCgIj5jQCAMSWsBuTfYAXQwDwNHbcpQfEJUdyfUQVEwt5yryXDEZWq_qSSOgr4_6RRfxKOcTT8I3LEr5NBCTP82E2kahvKLdqfoocMZegIdmqbaH0dTOyihn1WRw_fsIg7jztDNNHvOD9C4uNN-VXjAtpYjUFsxiG-SkpNv7U7zUi2WKUaBtkAwLOJTPGveotYm003MZwBDvHUFyuD3PuO6hn1u8qU0iJywZb774UCOuwgVTf1nh_y1uZgVjCi74XllRzPUHzgSKa0GymVmlIXBeGrMnP2hmuQJzOu6WMavmeKzF9fMQCHZK55sRF_Xy6F3XTWaZE4VTcmxGxKSKZiGLasC9_pW-cJGznr-Oiz0r-7qvK6DOZDwn_9gPWR5vcGYECpZK-trI-JEOrbTJBrDJu0oUXVSaZcPIrGyiyZr6gQl0u5m-z58ALzOJwhX9Nb-w418d9v8tYW5-wJXTBnxS1r0wvvxlaIFe4_91bbIZoFXv_8OkJXBwntYIkKSNBM56kVzdT_zzD7EvMs6mEpPIb4tF8Il6Mj6VepIPDHsvEVjRRmw7Cw9aJB8NTsoa3j0vTJR_J6FJFS-YiDGKWr4GdVjWVxudP31ZxH-DI7-yTLJBCn9BcA6b9V04X2hl1WPZEoFqgmoWFmF_Y3p_Ke7Gl9CAqTuWsaa-0f5zB5YBk0aV09AFYaM79bfmnzkOTJJcsmF16AVvDnMIopl6RAEdK4WZRphM0bdVlphvBwowM5zufQNI7xfhSbXeDY9DaEbcQA2fzfu-ECSkPPMVA_B1YBcpGDnk-rXmtRAt5hUWqz55x9W-AVHPTrlJo5jPpNDSiqMMTyNIY_LzAcogl1ExNzIIaG0u8sYu3rB3ucMqmbbxDioBMluX8v_GjxbYafipqWie1XyLERWWV9IppWGuGt3yd5SJL_71WgxBYHefwp_uvdGfGaXK3JzQvz9Wvd-enJtsT5U3d3rFaUYMx5pqr1IQJxn8RyeQE&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=CPifGEAPifGEAAHABBENCqCgAAAAAH_AAAAAAAASQAJMNW4gC7MscGbaMIoEQIwrCQ6gUAFFAMLRAYQOrgp2VwE-sIEACAUATgRAhwBRgwCAAASAJCIgJAjwQCAAiAQAAgAVCIQAMbAILACwMAgAFANCxRigCECQgyICIpTAgKkSCg3sqEEoP9DTCEOssAKDR_xUICNZAxWBEJCwchwRICXiyQPMUb5ACMEKAUSoVqISAAAA.YAAAD_gAAAAA&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=1&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/photon/dmp.photon_app.260c69f2c989b97f2210.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-vx49h
date
Tue, 15 Nov 2022 06:05:15 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://www.dailymotion.com/
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
x480
s1.dmcdn.net/v/SrWtg1X-AESrPCdst/ Frame 4E7D
87 KB
87 KB
Image
General
Full URL
https://s1.dmcdn.net/v/SrWtg1X-AESrPCdst/x480
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/2 /
Resource Hash
c585a7c137c681e1988ae725c9cfe64d3dac757a5cdd1f919a6c70596f6fe264

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:14 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 09:46:32 GMT
server
DMS/2
age
73122
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=119, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
88232
x-llid
7864b8d87353cf8e8b5020117eb1cc0d
expires
Tue, 15 Nov 2022 09:46:32 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1088151987&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&ul=en-us&de=UTF-8&dt=As%C3%AD%20es%20el%20spyware%20BadBazaar%2C%20el%20Pegasus%20chino%20que%20est%C3%A1%20en%20m%C3%A1s%20de%20100%20apps%20de%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video-content&ea=thumbnail-displayed&el=https%3A%2F%2Fwww.dailymotion.com%2Fvideo%2Fx801azu&ev=0&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=388260028.1668492314&tid=UA-679927-33&_gid=236294012.1668492314&gtm=2wgb90NB7BQ4F&cg1=post&cg2=%C3%A1lvaro%20garc%C3%ADa%20m.&cg3=seguridad&cg4=normal&cg5=221114&cd2=no&cd3=0&cd4=157241&cd5=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&cd6=2022-11-14&cd7=XTA&cd8=postpage&cd9=1&cd10=0&cd11=11&cd12=Technology&cd13=2022-11-14T11%3A04&cd14=seguridad&cd15=malware%2Cspyware&cd16=%C3%81lvaro%20garc%C3%ADa%20m.&cd17=normal&cd19=GB&z=964442950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 02:35:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12563
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
experiences
flowcards.mrf.io/json/
51 B
219 B
Fetch
General
Full URL
https://flowcards.mrf.io/json/experiences?site_id=2097&client_id=46035ceb-d320-4e04-b563-51691a5a2fae&user_type=0&canonical_url=https%3A%2F%2Fwww.xatakandroid.com%2Fseguridad%2Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android&referrer=&recirculation_source=&previous_page=&geo=__INJECT_GEO__&session_duration=0&pageviews=1&first_visit=1668492314&page_technology=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c58ae9a450c0b6887adcbc1b278ecdab16a6abe92c35f3e91dae50d11cbee03d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.xatakandroid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:15 GMT
content-encoding
gzip
x-b3-traceid
c6ec2f3f21934296b424c32bfbb8f050
x-cache
MISS
mrf-cache-status
M
x-envoy-upstream-service-time
384
x-b3-traceid-primal
c6ec2f3f21934296b424c32bfbb8f050
content-length
64
x-served-by
cache-lcy19224-LCY
server
istio-envoy
x-timer
S1668492315.985452,VS0,VE471
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
0
RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
static1.dmcdn.net/playerv5/photon/fonts/ Frame 4E7D
36 KB
36 KB
Font
General
Full URL
https://static1.dmcdn.net/playerv5/photon/fonts/RetinaMedium.2811330fd8cd981352918b4059564b10.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514

Request headers

Referer
https://www.dailymotion.com/
Origin
https://www.dailymotion.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:05:15 GMT
last-modified
Thu, 20 Oct 2022 14:03:48 GMT
server
DMS/1.0.42
age
2002356
etag
"63515544-8fcc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=0, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
36812
x-llid
ba41eea797f3d3f1a2030668e472ebe3
expires
Tue, 22 Nov 2022 01:52:39 GMT
recirculation.php
events.newsroom.bi/
12 B
532 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2097
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
168.119.15.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy05-new.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 15 Nov 2022 06:05:15 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.xatakandroid.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
recirculation.php
events.newsroom.bi/
12 B
532 B
XHR
General
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2097
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
168.119.15.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy05-new.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://www.xatakandroid.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 15 Nov 2022 06:05:15 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.xatakandroid.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| country boolean| isSpainOrLatamUser function| ga object| googletag object| dataLayer boolean| gdprAppliesGlobally function| scrollListener function| __cmp object| didomiOnReady object| WSL2 object| apstagSlots object| pbjsChunk object| pbjs object| _pbjsGlobals object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| WSLModules object| AML function| injectScript string| permittedBatchIps object| batchSDKUIConfig object| wslBatchSdkConfig function| addBatchScript function| jQuery function| $ object| picturefillCFG function| picturefill object| Translator function| dayjs object| Backbone object| __twttr object| twttr function| fbAsyncInit function| FuckAdBlock object| fuckAdBlock object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiEventListeners function| __tcfapi object| DidomiSanitizing object| adsbygoogle object| didomiState object| head object| iframe function| sendcomscore object| FB object| __tgconf function| __tginitcb object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| e function| t object| marfeel object| DM object| __buffer object| webpackChunk_marfeel_marfeel_sdk object| tp object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime object| pbstck object| pbstckQ object| Pubstack object| __mrfCompass

8 Cookies

Domain/Path Name / Value
.xatakandroid.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTg0NzllNDQtMTQ3NC02NDAzLTgzOWUtMDBjZDFiMzI0M2Y1IiwiY3JlYXRlZCI6IjIwMjItMTEtMTVUMDY6MDU6MTIuOTYwWiIsInVwZGF0ZWQiOiIyMDIyLTExLTE1VDA2OjA1OjEyLjk2MFoiLCJ2ZXJzaW9uIjpudWxsfQ==
.xatakandroid.com/ Name: _ga
Value: GA1.2.388260028.1668492314
.xatakandroid.com/ Name: _gid
Value: GA1.2.236294012.1668492314
.xatakandroid.com/ Name: _gat_UA-679927-33
Value: 1
.dailymotion.com/ Name: v1st
Value: 4EA41DD1A5A28B3C0F213700CBD8B593
.dailymotion.com/ Name: dmvk
Value: 63732c19a9921
.dailymotion.com/ Name: ts
Value: 114425
.dailymotion.com/ Name: usprivacy
Value: 1---

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Message:
The resource https://static1.dmcdn.net/playerv5/photon/dmp.photon_player.e0a67999252abf1f29e6.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.dailymotion.com/embed/video/x801azu?ads_params=site%253DXTA%2526siteSection%253Dpostpage%2526vertical%253DTechnology%2526amp%253Dno%2526postId%253D157241%2526postUrl%253Dhttps%25253A%25252F%25252Fwww.xatakandroid.com%25252Fseguridad%25252Fasi-spyware-badbazaar-pegasus-chino-que-esta-100-apps-android%2526publishedDate%253D2022-11-14%2526modifiedDate%253D2022-11-14T11%25253A04%2526categories%253Dseguridad%2526tags%253Dmalware%25252Cspyware%2526videoContent%253Dtrue%2526partner%253Dfalse%2526blockLength%253D11%2526author%253D%2525C3%252581lvaro%252520garc%2525C3%2525ADa%252520m.%2526postType%253Dnormal%2526linksToEcommerce%253D%2526visitor_country%253DGB%2526contentGroup1%253Dpost%2526contentGroup2%253D%2525C3%2525A1lvaro%252520garc%2525C3%2525ADa%252520m.%2526contentGroup3%253Dseguridad%2526contentGroup4%253Dnormal%2526contentGroup5%253D221114%2526dimension1%253Dno%2526gtm.start%253D1668492312851%2526event%253Dgtm.js%2526gtm.uniqueEventId%253D1%2526event%253Dgtm.dom%2526gtm.uniqueEventId%253D3%2526adblock%253Dfalse&api=postMessage&id=f1ae8a93c2369d&origin=https%3A%2F%2Fwww.xatakandroid.com&pubtool=jssdk
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ab.blogs.es
api.dmcdn.net
boot.pbstck.com
cdn.insurads.com
cdn.pbstck.com
connect.facebook.net
dmxleo.dailymotion.com
events.newsroom.bi
flowcards.mrf.io
graph.facebook.com
i.blogs.es
imasdk.googleapis.com
img.weblogssl.com
img.youtube.com
pebed.dm-event.net
recommendations.weblogssl.com
s0.2mdn.net
s1.dmcdn.net
sdk.mrf.io
sdk.privacy-center.org
speedtest.dailymotion.com
static1.dmcdn.net
stats.g.doubleclick.net
vendorlist.dmcdn.net
www.dailymotion.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gravatar.com
www.gstatic.com
www.xatakandroid.com
13.32.27.24
151.101.130.207
151.101.194.207
168.119.15.224
178.79.242.181
18.66.248.119
18.66.248.19
185.59.220.194
188.65.124.59
188.65.124.66
188.65.124.90
188.65.124.91
2600:9000:224a:3800:5:b7cc:d3c0:93a1
2600:9000:224a:b400:16:9f91:2d80:93a1
2606:4700:10::6816:15d
2a00:1450:4001:800::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
52.222.236.124
0365e3f4d308d0beec787524d9a2f686351e1011555515526ddfaf34176d0514
0e6e2c6850694985f529126a28d71141375fd08787ca7abac3d9137be8f4b057
1211ad5098026fa42f3f341c40f7b7ae4572ad734b0cf809fd5e1da15a141c9f
1217f16aab1b9897b8cc0850c26eb65a258cd6674b421b071ad80bb22d5c9251
122474e723373617ff53ad7b32c60017d10b05c3992348a3c6242866a1ee9455
1263448dfd7d86603d924aed911bb685e86c7442ea968637590e591531a5cc1a
174f05b8200fb4490c8ce9bbc833cdb6ac85ca5e33189ddb0b75c2c5e991e691
17c9d5ca43ed7fc8999db7dbc5ed6ff3f8169a9e98ede0f1d3bd3024273a4c85
199b6b617441dde669cdce6c37802320e0c4bec7d3e4cc5f87e696962495028b
1deba264a88795b95a59027f3fb1cf8e149d873440061215915a4fc0c95b72c2
208dde22ba246b2965fdc4d0fc1bc4ea291a3adef9a1b562aec2fcbb99925446
23a5b3e79d0416aae662f875cfd473ae0338de8ea69865e5de506780e39350f8
24b23d99aaf9540063f0ff1bde9191cde2ac85a2f7c5685fe43fc7dd6a1c5fd3
2aa65cc702e2bf1c019414f33484e7ad8d0fd74b0dec0074d6135369ccc71ac3
2da1554426327c299fc13c5dcbd205694cf50a09d990a897dd5c3bbd93d86d65
37e71e943c6bd023d3085dd3f805d6c4f4d3ab79a1521b2c804624ac5ceb5e38
3bbea25cc01ba9b6a38b3d2f810fb36ea51736e402e8be253155bc223b057622
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3ef22eac12cbbff104e247617db0aea70ec73b94bad362f55b838c07cd5d1dac
412e61e2f390d10ae07906c3d86f2dd97e80512eb5fde0044f89309fea6ea310
4dccbcc173fab8052b6e3004b2529c9c86db8db757a12814478c9109149a8c1f
50a0050e04d8c49be258c2bea7ad79619303071fcb6b00df50f21ef9d8d85c6a
52cd4c98082867738a9f27e30d46276a136d5b9bc81b102361e9bb2a32097e4d
53bbdb662b4362cf177521780d3ffe6be0ae82b232f8d1afdf709421f04e1a88
589af6ab790a2e2f354e7641b1a052445d6e68b842f8fba297599b118638a520
64702fcc5fcafd573164219792590bcce078b32dcc7eab0d998476ece06dbdcf
6c8be240924a0abacd1918f131f5f39d6afc3bab17c1ad7d4f510b7c3861b9ce
70e7b80fc7ed74d5f48c205c41ecb2e2a7f5498690473b5948dfe39dcf18261a
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
7a05bbe3e1d42f2339ae2d6aa6612dc5a5a1ff8f25252853f2b46e5673a0252d
7cf75412b0586b0e41a0bd9de2e69265502ee29ae3041dd3e923f2f23aa5aa24
7d1a5248706df739942272291e5e24ae518d91a50fdfca8bb5beacbc84b87b34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843ad4173fdc81fed5efe7c7914593e77e676273c3a4790243217641ef0214e4
8fdafd7201c8df373fd5e675e75573201c5ab543d05b00843987a5f749efdbb4
98474a698e91974fc76a4c5fe2c8b74d3b4ec771fb79b267b99dfd658ee3773e
9ab17e8bc3643997f26bbef40677b44acd0e71d10c2663a26f8326b7c095ac9e
9d3c7428a9340184fdcf160acdf6bb87efd87165a671aeb343520a22a3f2846d
9e49999e407e8d227c0b6e5cd23c0f0ff59c27b1f44319b28f90723fe681ff5a
9f0384a2c4cddef7a95fce9cc026e0901482723d031610c2dc33f23864e8d5c3
9ffc89a5d2284a855dacd3279abab5e43dd865d0f09b8c0e3ac99d136a490801
a0014e42d2d2ee937e7921473b1e5645132e03a3b30f57f03ff7f8197b6ee21f
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a486a5eaec40b9f65f15e630f77f5530b91ccecf1e0d18a5c5c2d218e7584edb
b06fc6631868407530d7e4bd9eb906da343a3e5b6e13ae77781ce78fbcc4be57
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba4f3769d3a4c9425cc97f4ae34f880d78604cb6877a987243f5b84ffa10e425
bb396f1b070a0d39f645a4b47b5aa2c72e98f35a5903760fa90cf9fab6a659e8
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c3b7568a7ae60cc5a7b58698ea7a8efb978664f9c0e5b9744e7c5722d1dc480b
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c585a7c137c681e1988ae725c9cfe64d3dac757a5cdd1f919a6c70596f6fe264
c58ae9a450c0b6887adcbc1b278ecdab16a6abe92c35f3e91dae50d11cbee03d
c660a607f8cf7af6c5def74378d4360f63d18611ab0968367c31210ec0e74349
c7ebddfd12f590b6e2444b88caa1383577aede09b7a2a246e2fbc4da008751b9
c9952afd310c02179e4d8f723ce45ce20ad0ffdd248d68edba771989c2a0806b
ca356d69f023a86170e7197b26266cc9f913b54fc90e96a760cec4152b7848b1
cd6db5d55b2a6686066cbf2a10ebcfa99eaaa0eba58734dd9ca5ac2a01c3faeb
cd91b4de292647e6b4b176c9f29976dd1c6d54190a5edbb467e8b42868f0f24e
cda3aa3d7da19cc08aabbed621a103399214bdc38c684a8c31209b73460e113d
d0054b6ec34a3672b42e9b053aa98c465e09bbbd012bb240d18d46a2107868d3
d02f0eac80179ced49946852170823b5bbdf962effc707f12b1a42ef10618c1d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d48f7e64aeeef2e7d1c7506638b3414284d6ca51014c69db5302d2833cd702fb
d59c76a636de1d2b640ef3eec7b48cdecb5725dc48b972bbab2e8549f81e92e1
d62636ee49e7ab42d37acf1021a7622e8b46f6f5498d18812153bccd3e6c9a93
dd302a04e14afc60001c39fdd53e9552f112bb80bec02ba57839794c42aa6bf9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4617a5b39cda8cd99c5725cd79a12bf58f402b90f76c364ec7de7852ec15050
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ab80f1a9d650f5579c12e6fe1932583f57cb5931282c8b75f4b6ae9c4d3243
f3666e4a2a4292705eb7c1df421862c318bdbc7119a7b822acdc3fdb8f2d1c9a
f4d61c58e7b1bacb8ccf4ba602ec0f2c51c9c330b65628a0bb168e7c7693ba2c
f74a32e5a4f6d1cae28c38950b2295074af158c8c1d30af26cd94151cf62ce15
f7cc26ee770e17672a60b77b430b1dee3a3dc566b7517dab4892021e3aa3408d