urlscan.io logo urlscan.io
SecurityTrails logo

www.androidpolice.com Open in urlscan Pro
44.196.161.176  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.androidpolice.com/hackers-vlc-malware/
Submission: On April 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 12 countries across 87 domains to perform 241 HTTP transactions. The main IP is 44.196.161.176, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.androidpolice.com. The Cisco Umbrella rank of the primary domain is 137569.
TLS certificate: Issued by R3 on April 6th 2022. Valid for: 3 months.
This is the only time www.androidpolice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 44.196.161.176 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 65.9.7.86 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
20 2600:9000:224... 16509 (AMAZON-02)
1 151.139.128.11 20446 (STACKPATH...)
4 199.232.196.134 54113 (FASTLY)
1 18.66.100.58 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.54 16509 (AMAZON-02)
6 35.186.249.84 15169 (GOOGLE)
2 35.166.59.69 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 108.138.3.177 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.164.129.50 16509 (AMAZON-02)
1 52.205.167.202 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:1ec:27::... 8075 (MICROSOFT...)
2 216.58.212.130 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 13.33.146.8 16509 (AMAZON-02)
1 104.89.31.187 16625 (AKAMAI-AS)
2 44.230.194.160 16509 (AMAZON-02)
1 46.105.202.126 16276 (OVH)
6 52.7.229.166 14618 (AMAZON-AES)
1 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.120.117.212 15169 (GOOGLE)
4 20.85.30.134 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
4 104.102.28.254 20940 (AKAMAI-ASN1)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 35.244.159.8 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
9 212.115.110.216 204548 (CLOUDWEBM...)
3 35.211.178.172 19527 (GOOGLE-2)
2 2 23.88.75.188 24940 (HETZNER-AS)
3 3 23.35.236.247 16625 (AKAMAI-AS)
4 7 13.248.245.213 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
4 4 185.33.221.13 29990 (ASN-APPNEX)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 15.254.18.59 16509 (AMAZON-02)
1 9 52.11.6.220 16509 (AMAZON-02)
3 4 35.71.131.137 16509 (AMAZON-02)
4 21 185.64.189.110 62713 (AS-PUBMATIC)
8 12 142.250.185.130 15169 (GOOGLE)
1 2 2a04:4e42:600... 54113 (FASTLY)
2 2 54.77.200.211 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
2 2 99.80.100.5 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.122 16509 (AMAZON-02)
2 18.156.195.47 16509 (AMAZON-02)
1 35.157.71.149 16509 (AMAZON-02)
1 35.158.68.235 16509 (AMAZON-02)
1 185.94.180.124 35220 (SPOTX-AMS)
1 204.237.133.116 3257 (GTT-BACKB...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.36.113.23 62713 (AS-PUBMATIC)
2 3 37.157.6.252 198622 (ADFORM)
9 62.149.0.72 15497 (COLOCALL ...)
3 2600:9000:224... 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 18.209.251.242 14618 (AMAZON-AES)
1 13 18.158.238.206 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 62.209.227.210 13036 (TMOBILE-)
1 35.160.251.62 16509 (AMAZON-02)
1 2 178.250.0.163 44788 (ASN-CRITE...)
3 3 216.200.232.249 30419 (MEDIAMATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.205.235.133 16625 (AKAMAI-AS)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 209.54.176.128 16509 (AMAZON-02)
1 1 70.42.32.191 13789 (INTERNAP-...)
1 69.173.144.139 26667 (RUBICONPR...)
1 1 37.252.173.214 29990 (ASN-APPNEX)
2 2 72.251.244.142 29791 (VOXEL-DOT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
2 37.157.3.30 198622 (ADFORM)
2 2 151.101.194.49 54113 (FASTLY)
4 4 52.210.230.90 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 185.86.137.133 201081 (SMARTADSE...)
1 35.244.174.68 15169 (GOOGLE)
2 204.237.133.121 62713 (AS-PUBMATIC)
1 2 169.50.137.182 36351 (SOFTLAYER)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 3.126.56.137 16509 (AMAZON-02)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 34.218.29.2 ()
1 1 154.59.122.79 174 (COGENT-174)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 23.75.246.168 16625 (AKAMAI-AS)
1 38.27.122.101 174 (COGENT-174)
1 1 104.45.178.220 ()
1 2 52.200.205.250 14618 (AMAZON-AES)
1 151.101.193.44 ()
1 1 139.162.23.100 ()
1 1 34.237.23.137 ()
2 2 146.59.148.16 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 2 2606:4700:10:... ()
2 2 35.201.96.126 15169 (GOOGLE)
1 204.237.133.247 ()
1 2 77.243.60.138 42697 (NETIC-AS)
1 35.178.150.13 16509 (AMAZON-02)
1 185.33.220.100 29990 (ASN-APPNEX)
1 1 34.199.172.6 ()
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.149 13768 (COGECO-PEER1)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 38.67.14.233 ()
1 1 34.102.253.54 15169 (GOOGLE)
1 34.237.160.203 ()
1 18.200.96.173 16509 (AMAZON-02)
241 99
13    44.196.161.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-161-176.compute-1.amazonaws.com
www.androidpolice.com
1    2606:4700:10::6816:4485 (United States)

ASN13335 (CLOUDFLARENET, US)
static1.anpoimages.com
1    2606:4700::6812:ba39 (United States)

ASN13335 (CLOUDFLARENET, US)
f.convertkit.com
3    65.9.7.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-86.fra56.r.cloudfront.net
tagan.adlightning.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
20    2600:9000:2240:8e00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
androidpolice.disqus.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
6    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.248.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-54.dus51.r.cloudfront.net
static.narrativ.com
6    35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.249.186.35.bc.googleusercontent.com
scarfsmash.com
2    35.166.59.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-59-69.us-west-2.compute.amazonaws.com
a.ad.gt
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    108.138.3.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-177.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    35.164.129.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-129-50.us-west-2.compute.amazonaws.com
seg.ad.gt
1    52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com
p1.parsely.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2620:1ec:27::cafe:1425 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
securepubads.g.doubleclick.net
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    13.33.146.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-146-8.maa50.r.cloudfront.net
ats.rlcdn.com
1    104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    44.230.194.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-194-160.us-west-2.compute.amazonaws.com
id.halo.ad.gt
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
6    52.7.229.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-229-166.compute-1.amazonaws.com
events.release.narrativ.com
1    2600:9000:224a:ca00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
2    34.120.117.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com
ls.skimresources.com
4    20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
9    212.115.110.216 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
3    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
7    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    2600:1f18:612b:4216:99f2:7ef8:5bca:944d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
60687.publishers.tremorhub.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    15.254.18.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-254-18-59.us-west-2.compute.amazonaws.com
p.ad.gt
9    52.11.6.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-6-220.us-west-2.compute.amazonaws.com
ids.ad.gt
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
21    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
12    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
2    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    54.77.200.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    213.19.147.45 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    99.80.100.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-100-5.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    35.157.71.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-71-149.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    35.158.68.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-68-235.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
track.adform.net
9    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
3    2600:9000:224a:3c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    18.209.251.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-251-242.compute-1.amazonaws.com
api.narrativ.com
13    18.158.238.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)
images.getadmiral.com
1    62.209.227.210 (Brno, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid1.ibillboard.com
bbnaut.ibillboard.com
1    35.160.251.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-251-62.us-west-2.compute.amazonaws.com
pixels.ad.gt
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    216.200.232.249 (Monrovia, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:c039 (United States)

ASN13335 (CLOUDFLARENET, US)
app.convertkit.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    37.252.173.214 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
2    72.251.244.142 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu
tracking.m6r.eu
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    52.210.230.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-230-90.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    204.237.133.121 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    34.218.29.2 (None, )

ASN- ()
pm.w55c.net
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    23.75.246.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com
px.owneriq.net
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    104.45.178.220 (None, )

ASN- ()
mweb.ck.inmobi.com
2    52.200.205.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-205-250.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    151.101.193.44 (None, )

ASN- ()
match.taboola.com
1    139.162.23.100 (None, )

ASN- ()
gocm.c.appier.net
1    34.237.23.137 (None, )

ASN- ()
sync.srv.stackadapt.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    2606:4700:10::6816:1857 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    204.237.133.247 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    35.178.150.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    34.199.172.6 (None, )

ASN- ()
sync.ipredictive.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    38.67.14.233 (None, )

ASN- ()
pmp.mxptint.net
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    34.237.160.203 (None, )

ASN- ()
rtb.adentifi.com
1    18.200.96.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-96-173.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
32 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
image2.pubmatic.com — Cisco Umbrella Rank: 898
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 622
simage2.pubmatic.com — Cisco Umbrella Rank: 620
image4.pubmatic.com — Cisco Umbrella Rank: 880
aud.pubmatic.com
simage4.pubmatic.com Failed
48 KB
29 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2980
video.primis.tech — Cisco Umbrella Rank: 5969
3 MB
17 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4688
seg.ad.gt — Cisco Umbrella Rank: 10673
id.halo.ad.gt — Cisco Umbrella Rank: 5894
p.ad.gt — Cisco Umbrella Rank: 5334
ids.ad.gt — Cisco Umbrella Rank: 4265
pixels.ad.gt — Cisco Umbrella Rank: 5222
27 KB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7114
ih.adscale.de — Cisco Umbrella Rank: 5512
16 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
133 KB
13 androidpolice.com
www.androidpolice.com — Cisco Umbrella Rank: 137569
272 KB
10 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5421
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5813
5 KB
9 narrativ.com
static.narrativ.com — Cisco Umbrella Rank: 8085
events.release.narrativ.com — Cisco Umbrella Rank: 8012
api.narrativ.com — Cisco Umbrella Rank: 33943
42 KB
9 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2989
r.skimresources.com — Cisco Umbrella Rank: 2852
t.skimresources.com — Cisco Umbrella Rank: 3002
p.skimresources.com — Cisco Umbrella Rank: 4088
ls.skimresources.com — Cisco Umbrella Rank: 9130
17 KB
8 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
tlx.3lift.com — Cisco Umbrella Rank: 569
4 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1219
j.clarity.ms — Cisco Umbrella Rank: 2127
c.clarity.ms — Cisco Umbrella Rank: 637
25 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
82 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 438
adscale-emea.adnxs.com — Cisco Umbrella Rank: 17343
ib.adnxs.com — Cisco Umbrella Rank: 248
5 KB
6 scarfsmash.com
scarfsmash.com — Cisco Umbrella Rank: 154284
220 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
22 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 2148
track.adform.net — Cisco Umbrella Rank: 4449
c1.adform.net — Cisco Umbrella Rank: 577
2 KB
5 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1137
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
3 KB
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1106
eus.rubiconproject.com — Cisco Umbrella Rank: 567
token.rubiconproject.com — Cisco Umbrella Rank: 675
11 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 503
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 542
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
2 KB
4 disqus.com
androidpolice.disqus.com — Cisco Umbrella Rank: 305022
6 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 445
2 KB
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 656
match.taboola.com
694 B
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556
ssum.casalemedia.com — Cisco Umbrella Rank: 1353
3 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
705 B
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 531
search.spotxchange.com — Cisco Umbrella Rank: 426
2 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1459
84 KB
3 convertkit.com
f.convertkit.com — Cisco Umbrella Rank: 15724
app.convertkit.com — Cisco Umbrella Rank: 16563
14 KB
2 mxptint.net
pmp.mxptint.net
965 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1153
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4260
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
899 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25327
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2962
899 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1390
573 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1082
476 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 824
s.tribalfusion.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 825
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 576
744 B
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 12948
1 KB
2 bing.com
c.bing.com — Cisco Umbrella Rank: 234
895 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 706
920 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 677
721 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 655
685 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
2 KB
2 gstatic.com
fonts.gstatic.com
45 KB
2 tremorhub.com
60687.publishers.tremorhub.com
645 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 985
451 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
2 google.de
ampcid.google.de — Cisco Umbrella Rank: 46741
www.google.de — Cisco Umbrella Rank: 5383
966 B
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1312
idsync.rlcdn.com — Cisco Umbrella Rank: 327
36 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 897
2 KB
2 google.com
ampcid.google.com — Cisco Umbrella Rank: 1782
www.google.com — Cisco Umbrella Rank: 4
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
126 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2749
p1.parsely.com — Cisco Umbrella Rank: 2214
26 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
161 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1276
209 B
1 adentifi.com
rtb.adentifi.com
47 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3831
466 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
537 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3142
104 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 431
346 B
1 stackadapt.com
sync.srv.stackadapt.com
617 B
1 appier.net
gocm.c.appier.net
393 B
1 inmobi.com
mweb.ck.inmobi.com
348 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1605
112 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1157
674 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 919
44 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
408 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 769
518 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 635
163 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 578
497 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 593
301 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
708 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 18336
550 B
1 getadmiral.com
images.getadmiral.com — Cisco Umbrella Rank: 101868
1 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1433
594 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 709
305 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 565
483 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1681
11 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1654
17 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
29 KB
1 anpoimages.com
static1.anpoimages.com — Cisco Umbrella Rank: 167405
704 KB
241 87
Domain Requested by
20 live.primis.tech www.androidpolice.com
live.primis.tech
tagan.adlightning.com
14 simage2.pubmatic.com 2 redirects ads.pubmatic.com
www.androidpolice.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 www.androidpolice.com www.androidpolice.com
12 cm.g.doubleclick.net 8 redirects www.androidpolice.com
eb2.3lift.com
9 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.pubmatic.com
9 ids.ad.gt 1 redirects www.androidpolice.com
9 video.primis.tech www.androidpolice.com
live.primis.tech
7 image2.pubmatic.com 2 redirects ads.pubmatic.com
www.androidpolice.com
7 eb2.3lift.com 4 redirects live.primis.tech
eb2.3lift.com
6 events.release.narrativ.com static.narrativ.com
tagan.adlightning.com
www.androidpolice.com
6 scarfsmash.com www.androidpolice.com
scarfsmash.com
6 www.google-analytics.com www.androidpolice.com
www.googletagmanager.com
www.google-analytics.com
5 c.amazon-adsystem.com www.androidpolice.com
c.amazon-adsystem.com
live.primis.tech
4 match.prod.bidr.io 4 redirects
4 sync.1rx.io 4 redirects
4 match.adsrvr.org 3 redirects eb2.3lift.com
4 secure.adnxs.com 4 redirects
4 ads.pubmatic.com tagan.adlightning.com
s.console.adtarget.com.tr
live.primis.tech
4 j.clarity.ms www.clarity.ms
j.clarity.ms
4 androidpolice.disqus.com www.androidpolice.com
tagan.adlightning.com
3 sync.mathtag.com 3 redirects
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 image6.pubmatic.com ads.pubmatic.com
3 x.bidswitch.net www.androidpolice.com
eb2.3lift.com
3 t.skimresources.com www.androidpolice.com
s.skimresources.com
3 tagan.adlightning.com www.androidpolice.com
tagan.adlightning.com
2 pmp.mxptint.net 1 redirects www.androidpolice.com
2 uipglob.semasio.net 1 redirects www.androidpolice.com
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 px.owneriq.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 um.simpli.fi 1 redirects
2 image4.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 c1.adform.net ads.pubmatic.com
www.androidpolice.com
2 c.clarity.ms 1 redirects
2 tracking.m6r.eu 2 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 c.bing.com 1 redirects eb2.3lift.com
2 pr-bh.ybp.yahoo.com 1 redirects
2 eus.rubiconproject.com live.primis.tech
eus.rubiconproject.com
2 app.convertkit.com f.convertkit.com
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 track.adform.net 2 redirects
2 api.narrativ.com static.narrativ.com
2 creativecdn.com 2 redirects
2 c2shb.pubgw.yahoo.com live.primis.tech
2 ad.360yield.com 2 redirects
2 dpm.demdex.net 2 redirects
2 trc.taboola.com 1 redirects www.androidpolice.com
2 fonts.gstatic.com fonts.googleapis.com
2 60687.publishers.tremorhub.com 1 redirects www.androidpolice.com
2 ssum-sec.casalemedia.com 2 redirects
2 csync.loopme.me 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 fonts.googleapis.com tagan.adlightning.com
2 ls.skimresources.com s.skimresources.com
2 id.halo.ad.gt www.androidpolice.com
a.ad.gt
2 p.skimresources.com www.androidpolice.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 unpkg.com 1 redirects www.androidpolice.com
2 seg.ad.gt www.androidpolice.com
p.ad.gt
2 a.ad.gt www.androidpolice.com
p.ad.gt
2 www.googletagmanager.com www.androidpolice.com
www.googletagmanager.com
2 pagead2.googlesyndication.com www.androidpolice.com
pagead2.googlesyndication.com
1 rtb.gumgum.com www.androidpolice.com
1 rtb.adentifi.com www.androidpolice.com
1 ads.playground.xyz 1 redirects
1 pixel.quantserve.com 1 redirects
1 pixel-sync.sitescout.com www.androidpolice.com
1 pubmatic-match.dotomi.com www.androidpolice.com
1 sync.ipredictive.com 1 redirects
1 ib.adnxs.com www.androidpolice.com
1 aa.agkn.com www.androidpolice.com
1 aud.pubmatic.com www.androidpolice.com
1 mwzeom.zeotap.com www.androidpolice.com
1 spl.zeotap.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 ad.turn.com 1 redirects
1 idsync.rlcdn.com
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 b1sync.zemanta.com 1 redirects
1 px.ads.linkedin.com eb2.3lift.com
1 pixels.ad.gt tagan.adlightning.com
1 ssum.casalemedia.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 images.getadmiral.com www.androidpolice.com
1 cm.adform.net s.console.adtarget.com.tr
1 www.google.de www.androidpolice.com
1 www.google.com www.androidpolice.com
1 hbopenbid.pubmatic.com live.primis.tech
1 search.spotxchange.com live.primis.tech
1 prebid-server.rubiconproject.com live.primis.tech
1 tlx.3lift.com live.primis.tech
1 geo.privacymanager.io ats.rlcdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p.ad.gt a.ad.gt
1 pixel.rubiconproject.com www.androidpolice.com
1 s.console.adtarget.com.tr tagan.adlightning.com
1 u.openx.net tagan.adlightning.com
1 ampcid.google.de www.google-analytics.com
1 static.adsafeprotected.com www.androidpolice.com
1 cdn.id5-sync.com www.androidpolice.com
1 secure.cdn.fastclick.net www.androidpolice.com
1 ats.rlcdn.com www.androidpolice.com
1 r.skimresources.com s.skimresources.com
1 www.clarity.ms www.androidpolice.com
1 p1.parsely.com www.androidpolice.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 ampcid.google.com www.google-analytics.com
1 www.googletagservices.com www.androidpolice.com
1 static.narrativ.com www.androidpolice.com
1 cdn.parsely.com www.androidpolice.com
1 s.skimresources.com www.androidpolice.com
1 f.convertkit.com www.androidpolice.com
1 static1.anpoimages.com www.androidpolice.com
0 simage4.pubmatic.com Failed ads.pubmatic.com
241 134
Subject Issuer Validity Valid
androidpolice.com
R3		 2022-04-06 -
2022-07-05		 3 months crt.sh
*.anpoimages.com
E1		 2022-04-04 -
2022-07-03		 3 months crt.sh
convertkit.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.primis.tech
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
static.narrativ.com
Amazon		 2022-04-15 -
2023-05-13		 a year crt.sh
scarfsmash.com
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
halo.ad.gt
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.release.narrativ.com
Amazon		 2021-08-05 -
2022-09-03		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-03-29 -
2022-06-27		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
api.planethowl.com
Amazon		 2022-03-03 -
2023-04-01		 a year crt.sh
getadmiral.com
Cloudflare Inc ECC CA-3		 2022-04-12 -
2023-04-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-12-05 -
2022-12-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh

This page contains 41 frames:

Primary Page: https://www.androidpolice.com/hackers-vlc-malware/
Frame ID: AD719C42E101E2F74F478E7790D50DC2
Requests: 112 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: A185154EAC97F6D36F35C0D8BF037B97
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: E62E7508374BDDCC8A432E9A4081A31D
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.11390441380989502
Frame ID: D475119382FD2C5F7B5BB275634ECF4B
Requests: 1 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: 779572E1B29E96EFF67EFB5B317AACBA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: B21BBB154E41F687AE4A1DC1966B540A
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=94&advUuid=973da4fc-bf0c-11ec-9721-130dfa940306
Frame ID: 191083BDEC9B6A497546029E7FB8475E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 7FB6A51BA1CFBA4CCC649F72D8705A1F
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 6B68E27F8FEC2DE04B25B39296A226E2
Requests: 4 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 694270FEB62813C77C219B0CDF63DB04
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: A8926072315B027B948ED325658ADA4A
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 305A20E6BA8FD2631F0EE908C52AD654
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: E1D7A471AF7D5853CF6678B2009A6D2C
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: BBB8411A5AE4E06C3BA2EB1B3466C2A7
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dnSlWSYeB2kbu01fL3Ax&pi=admatic&tc=1
Frame ID: E34CADDAB656FE1CAC72289E68DF55E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Frame ID: 16B76732EA007DF9831717BB91AA6ED7
Requests: 13 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 023F515E778243874BC8F09B6E531751
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: B359863BD0F442AF6A7D2A0A3AF7DFD2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 9BA654026DB481C10C4C4471593E5656
Requests: 17 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&
Frame ID: 6D63D7469AF5F8E12DE9A596CC5F2F61
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Frame ID: D9888B5361BD75A374FF7A17C5535283
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yl1OmQAC3skqgQAZ&gdpr=0&gdpr_consent=&_test=Yl1OmQAC3skqgQAZ
Frame ID: F3FD070F477D1BF114BB42716B4172CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
Frame ID: DD9D42470BB8E63E82FB8083550BB7C5
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC2pE7Eup0AADXoLfG1LA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: D6DB3680463D761664310862C8841CE8
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307406&extuid=${UID}BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Frame ID: B90A3A3527EE9D40B36B01F7A5C3F46E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Frame ID: 1D2DC04F936178B8F69E4AF3DC6467DF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F609EED65FCD3B7DC1700F6491F67A7C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=1&gdpr_consent=
Frame ID: 02E70F8CE226A339E7F29CDF8506F7C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2C15TIZF1NGpLR5&gdpr=1&gdpr_consent=
Frame ID: B92FF233E5455232564F50EBA96EFEFF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663966108261
Frame ID: A455847342E645484721CF3002D3D8B3
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6D0A676F2F7EA0DCA6757430227639D4
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 54289D0606DD02220DB53430A2CDCA5A
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 420D9781F47730A309AF2091E1DC1E34
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bb8b5a83-40bb-499c-88d9-f9c6a10abfe9
Frame ID: D87D6A83A23DEDFE43D27BE1A639FF9B
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Frame ID: DA834920DCA1D225D55250A5049E650B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=1
Frame ID: DFB9D3C7727A9FDC877FCA27E24E92F9
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=32f5f514-e749-4e1d-b276-76a1ffdabb8e-tuct956d41b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C21C13A0791B03DA08F6BC7F99FFB79D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 6094BB2264C8DE7AA84D1619FB96D40E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4D84A5CB41B3482DA421484DC210A486
Frame ID: 74CFA99C471650BECC0687E88A9F42CA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qzR45Dm8C8-M90Sgm05dYg
Frame ID: D20B356A760B668805D2BC0907C0C5B6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OPy3QmDQSp9vyv-25ynWsIrHJoQ
Frame ID: C21B2C9619D70866E66E9AE4A1A30242
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chinese hackers are using VLC media player to launch malware attacksuser-signalchecklistsettings-toggle-horizontal

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

241
Requests

81 %
HTTPS

24 %
IPv6

87
Domains

134
Subdomains

99
IPs

12
Countries

5167 kB
Transfer

8607 kB
Size

131
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 75
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=973da537-bf0c-11ec-9721-130dfa940306 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=94&advUuid=973da4fc-bf0c-11ec-9721-130dfa940306
Request Chain 82
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=93&advUuid=0f89355e-31a2-404a-9110-c79888674e72
Request Chain 83
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=99&advUuid=Yl1OlcpEajYsSWK_RgZzFQAABK4AAAAB
Request Chain 84
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3105513479825803323452&advId=121&advUuid=3105513479825803323452
Request Chain 86
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D625d4e9512d94%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=105&advUuid=4715248548087402202
Request Chain 87
  • https://60687.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Request Chain 95
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001650282134-319TPMV2-SQTW&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001650282134-319TPMV2-SQTW&adnxs_id=4715248548087402202
Request Chain 96
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82&id=AU1D-0100-001650282134-319TPMV2-SQTW
Request Chain 97
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&id=AU1D-0100-001650282134-319TPMV2-SQTW
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001650282134-319TPMV2-SQTW&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&google_gid=CAESEExYkYUnifo4yNZehOaLs4I&google_cver=1&google_ula=450542624,0
Request Chain 99
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1MDI4MjEzNC0zMTlUUE1WMi1TUVRX
Request Chain 101
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001650282134-319TPMV2-SQTW&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001650282134-319TPMV2-SQTW&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001650282134-319TPMV2-SQTW HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=32049729715179536262208832275767558486&id=AU1D-0100-001650282134-319TPMV2-SQTW
Request Chain 102
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26unruly_id%3D%5BRX_UUID%5D&cb=1650282134693 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001650282134-319TPMV2-SQTW&unruly_id=OPTOUT
Request Chain 103
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&impr_uid=ef0c3781-64bc-4666-8a9c-3d581c46f2ab
Request Chain 124
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dnSlWSYeB2kbu01fL3Ax&pi=admatic&tc=1
Request Chain 134
  • https://ih.adscale.de/uu?cbfn=receive&t=1650282134 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1650282134&nut&uu=5785142e97f84ebe972338a98d1e7445
Request Chain 145
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5785142e97f84ebe972338a98d1e7445&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=101&tpuid=BBID-01-03249961349315755-16580088
Request Chain 147
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1b743552e1bfc725d1c5c252f118152bd49ec7a8ef86e98c835853aa85b954c2&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yl1OlcpEajYsSWK-RgZzFQAA%261198
Request Chain 148
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c352e858b887bbea9a7e9bc221645d0b83b3f0d8f2cd4ec6a55c9cbb976b9af8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c352e858b887bbea9a7e9bc221645d0b83b3f0d8f2cd4ec6a55c9cbb976b9af8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=42&gdpr=0&tpuid=6758373342836029210
Request Chain 154
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=0d9f0398f17ea4f18093ade0d655f7fa010d97d82eca433982d572e8ff597440&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=00922ab3-f1c8-43b9-8ebd-90e79908dd49&gdpr=0
Request Chain 155
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=bdc0c554fdba708016b666cf9073c1af4b746f02c2071e4cd164ead81246724f&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
Request Chain 163
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
Request Chain 165
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
Request Chain 167
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3105513479825803323452?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xhGQvtpE2oT8CNcwNDQXSV.eNEUwHnzRDVYxf4Xfkw--~A&dongle=0883
Request Chain 170
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3105513479825803323452 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3105513479825803323452&dcc=t
Request Chain 171
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f24e7ad66a109b3bfd51a7e2f37ba714316a1b2e869949a22538d714b90d4a20&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?uid=f24e7ad66a109b3bfd51a7e2f37ba714316a1b2e869949a22538d714b90d4a20&tpid=38&gdpr=0&tpuid=CAESEP1GwImkHDJOTG4RNvLPAMY&google_cver=1
Request Chain 176
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=75&tpuid=4715248548087402202&gdpr=0
Request Chain 179
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=679c183d060fca5225d024358c94a494278781b85512bed5d3608d669d48a013&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=679c183d060fca5225d024358c94a494278781b85512bed5d3608d669d48a013&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/js?tpid=48&tpuid=d600bf293ba0b5af9bd0a27e26e11b50
Request Chain 184
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=D110AD19BECE4A4B83D29822D64ED89F&RedC=c.clarity.ms&MXFR=2BD238607A95663D0D8E29EA7E95684B HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=D110AD19BECE4A4B83D29822D64ED89F&MUID=10CD8A33DB2961B932E49BB9DAA26092
Request Chain 190
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yl1OmQAC3skqgQAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yl1OmQAC3skqgQAZ&gdpr=0&gdpr_consent=&_test=Yl1OmQAC3skqgQAZ
Request Chain 191
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
Request Chain 192
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMnBFN0V1cDBBQURYb0xmRzFMQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC2pE7Eup0AADXoLfG1LA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC2pE7Eup0AADXoLfG1LA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC2pE7Eup0AADXoLfG1LA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v6pAvtGqRuKFogfHfKxQrQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 196
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=beee625d-4e97-4100-95e7-1885489c8389
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkZBQTQwQkUtRDFBQS00NkUyLTg1QTItMDdDNzdDQUM1MEFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKICRaXLpmeE1YZ-xY1THJE&google_cver=1
Request Chain 200
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3875150088577712027&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 201
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82
Request Chain 203
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6dpqMpZE2uVNfTPDzdA1SC304NAmZd8-~A&gdpr=0&gdpr_consent=
Request Chain 211
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2C15TIZF1NGpLR5&gdpr=1&gdpr_consent=
Request Chain 212
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663966108261
Request Chain 213
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 214
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 216
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bb8b5a83-40bb-499c-88d9-f9c6a10abfe9
Request Chain 217
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=535d6be2-b207-45a1-9d11-b38c02a319bb&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Request Chain 218
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=1&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=1
Request Chain 219
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=32f5f514-e749-4e1d-b276-76a1ffdabb8e-tuct956d41b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 220
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650282139146 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 221
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4D84A5CB41B3482DA421484DC210A486
Request Chain 222
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qzR45Dm8C8-M90Sgm05dYg
Request Chain 223
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OPy3QmDQSp9vyv-25ynWsIrHJoQ
Request Chain 224
  • https://pixel.onaudience.com/?partner=214&mapped=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=87c602ee3526a64df3482802f48575e2&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b7794c3d848d3a50 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f98e535f-8a2b-4e2f-5c56-f3b135a969cf&reqId=d80b3af3-0224-4c73-7cd4-68cd8a6f0054&zcluid=b7794c3d848d3a50&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEOrFfu2Zx2Sj08ic_JspkcQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f98e535f-8a2b-4e2f-5c56-f3b135a969cf&reqId=d80b3af3-0224-4c73-7cd4-68cd8a6f0054&zcluid=b7794c3d848d3a50&zdid=1332
Request Chain 225
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&addseg=19,36,42
Request Chain 226
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&sInitiator=external&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&sInitiator=external&gdpr=1&gdpr_consent=
Request Chain 229
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a825c84-bf0c-11ec-bb2d-df264068c0e1&gdpr=1&gdpr_consent=
Request Chain 232
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo
Request Chain 235
  • https://pmp.mxptint.net/sn.ashx?&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_EE85576D_28B280BE&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 236
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4715248548087402202

241 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.androidpolice.com/hackers-vlc-malware/ 		627 KB
130 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5d71ecd87c2e843db272b3856943421246393a558225db7f01988b2cb2ff21d2
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:42:12 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
VLC3Hero-01.png
static1.anpoimages.com/wordpress/wp-content/uploads/2020/09/23/ 		703 KB
704 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.anpoimages.com/wordpress/wp-content/uploads/2020/09/23/VLC3Hero-01.png?q=50&fit=contain&w=1500&h=&dpr=1.5
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4485 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c969c534018935993ccb32e0057bb637ba4898ed5784b8a86302961e3f0e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
cf-cache-status
HIT
age
124967
cf-polished
origFmt=png, origSize=1059989
content-disposition
inline; filename="VLC3Hero-01.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
720084
x-request-id
c62iRn7TIbeQe0DL1K11-
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
76f2409ecee6c7f9db703ebd3f6ce019bda6e8c84910626d39d7b4ab658b7ea3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fdd22c1de8590fa-FRA
expires
Mon, 17 Apr 2023 00:59:25 GMT
a-article.b4c2e531.css
www.androidpolice.com/public/build/ 		199 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0f25eef1f15c5be98d251cc8b60a3cdaf0bb23672d313c8a62dd2037bbb7488e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-31cd7"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:12 GMT
dfp.js
www.androidpolice.com/public/build/ 		36 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/dfp.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-24"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:12 GMT
valnet-header-ads.a8e17398.js
www.androidpolice.com/public/build/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/valnet-header-ads.a8e17398.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8b0d1446f412484a2a7d1abb46ddc5de128d8aaf11b1fe04ac729ee4830c5e5b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-afe"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:13 GMT
ck.5.js
f.convertkit.com/ckjs/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.convertkit.com/ckjs/ck.5.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b7fb37ec681a6a1bd507ce80613c7343fb3b394b29e21e7b11d6a6df933f68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 14:51:13 GMT
server
cloudflare
age
6501
etag
W/"7f6a2b3f8f18a10fb2a520d097324cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
6fdd22c34f8891ef-FRA
x-amz-request-id
EAMD3N8AVY5PS147
x-amz-id-2
qquqfsMY2B8IUFOQ78eZF4TF0XgnR+9310sGurV9FrFDDIh8PmTiJDffnyrG0mC0ZxiHxUBMv+o=
expires
Mon, 18 Apr 2022 15:42:13 GMT
adsninja.min.js
www.androidpolice.com/public/build/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/adsninja.min.js?v=1647019562
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
05fde9258245fd1d1558ca071a747faedbd1a573c67e512d6b728cba8d6a37b8
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-bf5d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:13 GMT
op.js
tagan.adlightning.com/valnet/ 		44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/op.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d40f54cfc8d8edfd938608ca2eb84873935f28e1a8840ed61da9660fdb049c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
MZACbk3VKzmMBlK1dVnAW7xUaGXO_VH9
content-encoding
gzip
etag
"2ca4de1a34e7fb37e6735ba2bf6693f6"
age
2794
x-cache
Hit from cloudfront
content-length
18513
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 18 Apr 2022 04:28:57 GMT
server
AmazonS3
date
Mon, 18 Apr 2022 10:55:42 GMT
content-type
application/javascript
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
YeGBX6Hu0kBl_qPslcaTOmq4YVRatTNvQa22jsuaCYORYeCokJEp1g==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c0950957ab0c3e5a6cd3f2150d5b4962745fb7f7b2ead2502e3b5620b4742e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54113
x-xss-protection
0
server
cafe
etag
10653415413274628188
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 11:42:13 GMT
liveView.php
live.primis.tech/live/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6a0802795c78fd281b89bd758c8c428b1b0db0561297f8b0742ba974da7e25a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/javascript; charset=utf-8
x-amz-cf-id
ca08z1wcP2vKCorOTS2p14tOWio2aBQD7Xyh1aFLXocoA9QEe0oqhQ==
valnet-footer.873d1235.js
www.androidpolice.com/public/build/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/valnet-footer.873d1235.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
926952e0833e0acb9dd02fdbbe59bb8be77f8e7571aaedc900649b9513500e8b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-bb6a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:13 GMT
valnet-footer-article.2fb673ae.js
www.androidpolice.com/public/build/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/valnet-footer-article.2fb673ae.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0f4020071f4d6fbd6e07ddb16daf4859441c7454a0c733b019f7cb1adc8f4d49
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-1457"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:13 GMT
85009X1537243.skimlinks.js
s.skimresources.com/js/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/85009X1537243.skimlinks.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3ffeed0ceb0e14dfa1f0bd0fa79520b976f0ef6644190e09a2a1520feb76322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:51:30 GMT
server
AmazonS3
x-amz-request-id
A8BVXWYKKYZJTB37
etag
"8131ae354f9ba91af07374ab421be75a"
x-hw
1650282133.cds127.am5.hn,1650282133.cds220.am5.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
15513
x-amz-id-2
0kxxRqiGdYWvis9XeltQ6Pq2SyXa4hriVJax3td2wrMFou0nMu87Dl10m5UysR8wgfY+slSk6SA=
count.js
androidpolice.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://androidpolice.disqus.com/count.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
228
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Apr 2022 19:06:38 GMT
Server
nginx
ETag
"62547c3e-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
Ru_Vq-WyL-atLN-kAGhR0-KVytPL_WDKXW4uNSnyvvuIVKkPvCFqnA==
p.js
cdn.parsely.com/keys/androidpolice.com/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/androidpolice.com/p.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
624d529e0da6719af2df6d25615df0c3a7b2dd28c015a731dd0341f0600c5d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
public
date
Mon, 18 Apr 2022 03:59:15 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 18:37:39 GMT
server
nginx
age
27939
etag
W/"623b68f3-11da1"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
oiCVX30LKUfbtiLeGnwwQQmWPLZdlaqgcX6M1OPBT5yQUPNlbw3fRw==
expires
Tue, 19 Apr 2022 03:56:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5102
date
Mon, 18 Apr 2022 10:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 18 Apr 2022 12:17:11 GMT
gtm.js
www.googletagmanager.com/ 		177 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQPCZ5S
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64a9045f1d510f2867f2ad8803096326fc95035508e103b7a15127cd39211423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61193
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Apr 2022 11:42:13 GMT
narrativ-pub.1.0.0.js
static.narrativ.com/tags/ 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.narrativ.com/tags/narrativ-pub.1.0.0.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-54.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2f1e02e54fe66adc0d5f1f06048c30bb7cdf2645b7e0fc48c881923868f5f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Sun, 17 Apr 2022 19:07:06 GMT
Via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
Last-Modified
Wed, 30 Mar 2022 15:47:19 GMT
Server
AmazonS3
Age
59708
ETag
"fa011ce702b3b9babaaf109dd7ad4d8f"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-P1
Content-Length
39413
X-Amz-Cf-Id
wNyVZ1lLuGrrvJ0Q467ZDfMY2ottWDf6VJu1-29QUrbXJfrv7AtWvw==
v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
scarfsmash.com/ 		529 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8c1fc11142d7e1d34065775edaf174ca032b3d84b61c33d8b64780bb2bd4874d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"8bd2bf98cc0bd647dc2c287eab1e89c67aa7a85f832ed4b6b524598d43a86787"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-n085
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 18 Apr 2022 11:42:13 GMT
x-buildnumber
516110284
timing-allow-origin
*
269
a.ad.gt/api/v1/u/matches/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.59.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-59-69.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
30e318a544b3917c5774863f478d299950104625a03083304d113d8fbc9782e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Apr 2022 11:42:13 GMT
cross-origin-resource-policy
cross-origin
server
nginx/1.18.0
content-length
6855
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28592
x-xss-protection
0
server
sffe
etag
"1190 / 173 of 1000 / last-modified: 1650280021"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Apr 2022 11:42:13 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
291
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0BQ5HGMCV5DF2ENJXQN5
date
Mon, 18 Apr 2022 11:37:22 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
fIwRQiN8QeL4Wz19faB8iA9Ekoizodoe4_4HnBYcvSoO023HNnbBUw==
ap-logo-full-colored-dark.2a8945fa.svg
www.androidpolice.com/public/build/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.androidpolice.com/public/build/images/ap-logo-full-colored-dark.2a8945fa.svg
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0375b396ee741813158bda96fabc3295611b9ca67cd367aa31193cf80dacfe95
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/public/build/a-article.b4c2e531.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-11de"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:13 GMT
Gilroy-Bold.3834bcd8.woff2
www.androidpolice.com/public/build/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/fonts/Gilroy-Bold.3834bcd8.woff2
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e8fd802ce5042d308a2d650c3db8f60b2bd3b884f34d6ceabe0631a3a9e226f5
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Origin
https://www.androidpolice.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
x-content-type-options
nosniff
content-length
31380
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62589304-7a94"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges
bytes
expires
Tue, 18 Apr 2023 11:42:13 GMT
icomoon.6b793360.woff
www.androidpolice.com/public/build/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/fonts/icomoon.6b793360.woff
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6378f6326c6b8ed5ba7c9dd71718f4acfab15effd24a9c83974e4e8ea473879e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Origin
https://www.androidpolice.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
x-content-type-options
nosniff
content-length
18096
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62589304-46b0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges
bytes
expires
Tue, 18 Apr 2023 11:42:13 GMT
Gilroy-Medium.0ba01f1d.woff2
www.androidpolice.com/public/build/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/public/build/fonts/Gilroy-Medium.0ba01f1d.woff2
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9115bbf3b3dee88764e74ecdf31c2234ece91aa42a596a1d3ba11925662777ba
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Origin
https://www.androidpolice.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
x-content-type-options
nosniff
content-length
31156
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"62589304-79b4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges
bytes
expires
Tue, 18 Apr 2023 11:42:13 GMT
liveView.php
live.primis.tech/live/ Frame A185 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
26a7e3dce40bfb944a2eb0b31156eefd8839acf898410b170ad0714330ae93b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/javascript; charset=utf-8
x-amz-cf-id
CqHJBm0mSQ5YYjNkt_R5lceGVi8jpS5JhSGq0x4L5xbbbnbI4jNaRQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fwww.androidpolice.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d26722e46b6160f5002ed50941243b07040e2b9b84481688c7256d4fb742684d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.androidpolice.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1961
x-amz-cf-id
ERkXzJ0FyH4U1DXznXG2x5Gc3MiYu6oWp5KOn2DZsKuoIPFkM37L8g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37929
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Mon, 18 Apr 2022 01:10:05 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
ZL03eefWQ1S4cw_-OVAmN_CmfYXcjZKOFPmHeESSPu6PCYT91Zyg1Q==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.androidpolice.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
acv.json
scarfsmash.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/acv.json
Requested by
Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
last-modified
Fri, 15 Apr 2022 19:31:26 GMT
x-datacenter
gce-europe-west1
date
Mon, 18 Apr 2022 11:42:13 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-n085
content-type
application/json
access-control-allow-origin
https://www.androidpolice.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges
bytes
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/ 		302 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8382598503519971&plah=www.androidpolice.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24c69f45f4ba1207f7123837a557d726a9aa513716e019ad8a2e6d1e16196c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110295
x-xss-protection
0
server
cafe
etag
5453206317193398067
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Apr 2022 11:42:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame E62E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51014
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Apr 2022 21:31:59 GMT
etag
14837630671339829333
expires
Sun, 01 May 2022 21:31:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
segments.js
seg.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.129.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-129-50.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
server
nginx/1.20.0
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1650282133210&plid=5462423&idsite=androidpolice.com&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&sref=&sts=1650282133204&slts=0&title=Chinese+hackers+are+using+VLC+media+player+to+launch+malware+attacks&date=Mon+Apr+18+2022+11%3A42%3A13+GMT%2B0000+(GMT)&action=pageview&pvid=41665214&u=pid%3Db39c644982ffa3ee41c9c2e54bf83a4c
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:13 GMT
Cache-Control
no-cache
Last-Modified
Monday, 18-Apr-2022 11:42:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ap-logo-full-white.dcd167c8.svg
www.androidpolice.com/public/build/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.androidpolice.com/public/build/images/ap-logo-full-white.dcd167c8.svg
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.b4c2e531.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
daac16a8dcbf772343d560088f23516e8235ab8c3450cae85cc1c61ad4aa6db2
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/public/build/a-article.b4c2e531.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 21:32:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"62589304-1262"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires
Tue, 18 Apr 2023 11:42:13 GMT
js
www.googletagmanager.com/gtag/ 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQPCZ5S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be4f0cfc0c5e422805343aec04ef79f2e6d508aae6bb479ca530cd017cdd56dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67138
x-xss-protection
0
expires
Mon, 18 Apr 2022 11:42:13 GMT
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
7184859
fly-request-id
01FT83NDR9FPMTDSSVS65CE944
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fdd22c55d5b9188-FRA

Redirect headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G0Y7MJK5N8SET8DMV6VCXKFA-fra
server
cloudflare
age
153
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6fdd22c4dc729188-FRA
access-control-allow-origin
*
8uhibhcqnt
www.clarity.ms/tag/ 		665 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/8uhibhcqnt?ref=gtm2
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
077c8ecb8d6c0434c84a974bf662d9b37ab26e6f72dbf18da4628826e62eda7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
x-powered-by
ASP.NET
x-azure-ref
0lU5dYgAAAAAnoxMQVDpsT7mVmVloPqeDTUlMMzBFREdFMDUxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 10:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Apr 2023 10:50:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		329 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.androidpolice.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
7ea26c2e155afa821d8a157303a6dc302c9d1740b36ae5313f0ece87a60c1e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161
x-xss-protection
0
expires
Mon, 18 Apr 2022 11:42:13 GMT
/
r.skimresources.com/api/ 		205 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
6aee4842dfff50c721dfbea2782bd5d6a3070f0cd192f75f9441178bf957639d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.androidpolice.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame D475 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.11390441380989502
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=4.832486204365063
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=4.832486204365063
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
ats.js
ats.rlcdn.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.146.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-146-8.maa50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
br
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
39037
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Mon, 18 Apr 2022 00:51:37 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 643ea663c12dbff7be00a2919f789570.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
MAA50-C2
content-type
application/x-javascript
x-amz-cf-id
p2ivE0HNjvqtET-rZJErifRrVYX7qKLZ2XwATmxVaQwhy6cUPwUxsg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 18 Apr 2022 11:57:13 GMT
269
id.halo.ad.gt/api/v1/partner/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.halo.ad.gt/api/v1/partner/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.194.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-194-160.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
4b3f9cfb0906d42c830920a7a3421e88209843ed315abea5069b32ccd2b23a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
origin-trial
server
nginx/1.20.0
content-type
text/javascript; charset=UTF-8
id5-api.js
cdn.id5-sync.com/api/1.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 18 Apr 2022 10:55:29 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
321520816
/
events.release.narrativ.com/api/v0/publishers/2412/pub_info/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/2412/pub_info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-229-166.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-credentials,x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.androidpolice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-credentials, x-requested-with
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.androidpolice.com
allow
OPTIONS, GET, HEAD
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:13 GMT
server
nginx/1.20.2
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-bam-build-version
63c21d9982831d134ab44164cd70784f89423817
x-bam-env
release
x-robots-tag
none
/
events.release.narrativ.com/api/v0/publishers/2412/pub_info/ 		185 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/2412/pub_info/
Requested by
Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-229-166.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
c16fe63d5e6c3d1acc9b2aedec440d98db4ebd7ea1bdfe9f26aab74e7be91a7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://www.androidpolice.com/hackers-vlc-malware/
Access-Control-Allow-Credentials
true
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-bam-build-version
63c21d9982831d134ab44164cd70784f89423817
date
Mon, 18 Apr 2022 11:42:13 GMT
server
nginx/1.20.2
x-bam-env
release
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.androidpolice.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
none
content-length
185
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
age
22015659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
JnPw4apQwzpHqpehewnqY_DZX6uZ4-pJQiuD9W_SJONEWy7_ObTA9A==
b-7b120a5-0a477631.js
tagan.adlightning.com/valnet/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/b-7b120a5-0a477631.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46e15ddd3f3583786961d72eb1a81b34bc9dad89240a461dcf02b43c6aa9e9c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 02:36:09 GMT
content-encoding
gzip
age
3056765
x-cache
Hit from cloudfront
content-length
28013
x-amz-meta-git_commit
7b120a5
last-modified
Wed, 11 Aug 2021 20:29:14 GMT
server
AmazonS3
etag
"4675e7fa49e7c0ac9234b8fdf094591d"
x-amz-version-id
7LhAmE_DVksgARINqWh9rINHREPkIDVQ
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
m9uwx6hQpfx7j7_LoQ-H_hBqnRnq02RaABpfKfZw5jUOuNeaDLlK5g==
bl-39123b0-a4978625.js
tagan.adlightning.com/valnet/ 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet/bl-39123b0-a4978625.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e9369b1246a6b2dcc7768899b1887d3b16991218f3732a629db9f55d6d78faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 04:49:18 GMT
content-encoding
gzip
age
24775
x-cache
Hit from cloudfront
content-length
37836
x-amz-meta-git_commit
39123b0
last-modified
Mon, 18 Apr 2022 04:28:04 GMT
server
AmazonS3
etag
"8ca4dffaf1d687783eb07fd02802bb9a"
x-amz-version-id
reaRH1lNCGi7YWHXf7MdprxfijFYPqG8
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
kdfIOcah9zDaLbhbu8ePIeA8jSz5HyBhczYFds2em_kafuhaJRDoyg==
count-data.js
androidpolice.disqus.com/ 		854 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Facer-chromebook-514-cb514-2ht-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fanalogue-pocket-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fandroid-tv-13-could-reduce-power-bandwidth-consumption-smart-tv%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fbest-galaxy-s22-wireless-chargers%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fbest-offline-android-games%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fbest-oneplus-10-pro-deals-trade-in-values%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fechoes-of-mana-hands-on-android%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fgalaxy-watch4-wearos-tutorial-skip%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fhow-to-set-up-emergency-sos-features-on-android%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8451e01520e25fbd129deec5a20dc3bc728c176d50923c05c881f0108159d59
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:13 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
854
X-XSS-Protection
1; mode=block
count-data.js
androidpolice.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Fiqoo-9-pro-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Flg-one-year-state-of-the-industry%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Foddict-twig-pro-earbuds-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-expert-raw-creators-explain-behind-the-scenes-of-app-making%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-galaxy-s21-fe-is-150-off-right-now%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-galaxy-tab-s8-ultra-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-is-selling-certified-refurbished-galaxy-s21-phones%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsony-linkbuds-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsteam-on-chrome-os-explainer-mods%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fthe-android-police-podcast-is-back%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
726b2d9ab6da86c3ac5e3fd266d5521d9845729b10ff3d8373cd5e03883aead1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:13 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
1135
X-XSS-Protection
1; mode=block
count-data.js
androidpolice.disqus.com/ 		504 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Ftwitter-edit-button-interface-first-look%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fweekend-poll-which-rumored-gadget-are-you-most-excited-to-see-at-google-io%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fwindows-11-android-apps-review%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cecbfb8e56a3971faa9cb5f4abb89d53e8768cda12a332dfcb703797c4247dd5
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:13 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
662
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
504
X-XSS-Protection
1; mode=block
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame A185 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"5e441350-4be0"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
19424
x-amz-cf-id
EVgyEXUahJhvCJOjrraQSD6m342YGPNprcWU0A6IYV1do8Kf_Uurmg==
expires
Tue, 18 Apr 2023 11:42:13 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame A185 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"6024fccc-228f"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
8847
x-amz-cf-id
cXFtLYFSrs3NKe1SUWoe-yQD-mrFf81uanYIO4-A2JS_q3g5XHapNA==
expires
Tue, 18 Apr 2023 11:42:12 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame A185 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"6024fccc-1ef8"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7928
x-amz-cf-id
2lFSV03ECVP8M5u-uCmmA4RDQ46c-NGjyGu6hJ1zfA29DeBnMYKuoQ==
expires
Tue, 18 Apr 2023 11:42:12 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame A185 		258 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"623b1724-409bc"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
264636
x-amz-cf-id
1Th1cd8suXXr3KWUeHZb1rYYgwD5ED3Tf3F6lJokaA1czvLh_SRDBA==
expires
Tue, 18 Apr 2023 11:42:13 GMT
prebidVid.5.18.0_11.min.js
live.primis.tech/content/prebid/ Frame A185 		490 KB
491 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8dad17c7c62057440ce13ba42120968005b66d0d7125df6b3086e8588fded21e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 06:22:56 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"62415440-7a683"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
501379
x-amz-cf-id
RA-ve4XvpKYHoffD6fUze0DP51G8VJOkjZuhJzbvZ6BWRJl0iuERTg==
expires
Tue, 18 Apr 2023 11:42:12 GMT
liveVideo.php
live.primis.tech/live/ Frame A185 		539 KB
540 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1650282132&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
da9e900aa63bbc307d83bbcf54156decdde8edebdd4565ef5b6957a226376150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:12 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
iVwB6oo_0F16R2Q2KojTANII_NxftLr4F4x_yGd5ODBzC2kL06fy6w==
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6Y5Q4PR4RC&gtm=2oe4d0&_p=860649321&sr=1600x1200&_z=ccd.AKB&ul=en-us&cid=2035479511.1650282133&_s=1&dl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&dt=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&sid=1650282133&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.androidpolice.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
page
t.skimresources.com/api/v2/ 		22 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/ 		22 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=860649321&t=pageview&_s=1&dl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABEAQCAC~&jid=1881437008&gjid=1748271829&cid=2035479511.1650282133&tid=UA-6275685-2&_gid=2087370814.1650282134&_r=1&_slc=1&cd1=1003197&cd2=steve-huff&cd3=&cd4=Applications&cd5=Applications&cd6=regular&cd7=0&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=1003197&cd15=steve-huff&cd16=&cd17=stephen-schenck&cd18=regular&cd19=all&cd20=false&cd21=0&cd22=false&cd23=native&cd24=desktop&cd25=138.199.38.132&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cd27=20-24&cd28=20220408&cd29=&cd30=news&cd31=Applications&cd32=%7CNews%7CApplications%7CVLC%7Chacking%7Cmalware%7C&cd33=N&cd34=showAds&cd35=false&cd36=content-all&cd38=software&cd39=News&cd40=Short-Term&z=621319621
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
api
ls.skimresources.com/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/85009X1537243.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.8 aiohttp/3.6.3
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
2
api
ls.skimresources.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ls.skimresources.com/api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.117.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
212.117.120.34.bc.googleusercontent.com
Software
Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.androidpolice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.androidpolice.com
access-control-max-age
1728000
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 18 Apr 2022 11:42:13 GMT
server
Python/3.8 aiohttp/3.6.3
via
1.1 google
session.html
events.release.narrativ.com/api/v0/ Frame 7795 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/session.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-229-166.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
61dfa117e6e1bf3bf5d9f7fbc83a79d63cee9b4dbf42eb27f3a63fedf1dcf811
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private, max-age=7776000, must-revalidate, proxy-revalidate
content-length
713
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:14 GMT
server
nginx/1.20.2
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-bam-build-version
63c21d9982831d134ab44164cd70784f89423817
x-bam-env
release
x-robots-tag
none
clarity.js
j.clarity.ms/s/0.6.34/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8uhibhcqnt?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
br
etag
"1d84ac37b962954"
last-modified
Thu, 07 Apr 2022 21:07:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"620367f6-465a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
18010
x-amz-cf-id
1r9q3crxJxdhDWbaxltJASlPT-C6pEIjQ1JYqvjzxhQ0nZgMD9mstQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame A185 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
291
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0BQ5HGMCV5DF2ENJXQN5
date
Mon, 18 Apr 2022 11:37:22 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pB6CfkuXamk4QGzDtHHK8f2l7oirihjuDYQ7vFl-EIy-ZIl8Qj1htw==
css
fonts.googleapis.com/ 		1 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 11:35:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Apr 2022 11:42:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Apr 2022 11:42:13 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B21B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131048
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:42:13 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 20 Apr 2022 00:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 1910
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=94&advUuid=973da4fc-bf0c-11ec-9721-130dfa940306
0
331 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=94&advUuid=973da4fc-bf0c-11ec-9721-130dfa940306
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-store
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:13 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-id
0CzKMaMyGEouV8a98rR26T90_yrBlePEfUV6eM0vFtLYMeJmaEi8bw==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 18 Apr 2022 11:42:13 GMT
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=94&advUuid=973da4fc-bf0c-11ec-9721-130dfa940306
Server
nginx
X-fe
143
cm
u.openx.net/w/1.0/ Frame 7FB6 		43 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Mon, 18 Apr 2022 11:42:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
s.console.adtarget.com.tr/ Frame 6B68 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
80ff0aa15cda923f4d60bc9ab46edd62b35183c86beb9ad041db2499fac2fd1d

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.androidpolice.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
897
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 11:42:13 GMT
Server
Adtelligent
X-Robots-Tag
noindex
liveView.php
live.primis.tech/live/ Frame A185 		34 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmNuZTQ2Mwt5NTM3Mwx5OTx3JTJGqzyxNwE2ODqyNwI4N2FwNDI0OTImNwQ1MC5gpDQzqzyxX2NioaRyoaRsnWQ9MTt5NmA2OSZ2nWRsY29hqGVhqF9xZXNwPUqio2qfZSgQnXuyoCfkK3JyqzymnXQyM0EeNSg5ZWFlplgfYXRypvZ2nWRsY29hqGVhqF90nXRfZT1Ho29aoGUeUGy4ZWjeMSglZXZcp2y0JTNBKmUerWVupaMeoGF0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249NDAjJzRyYaVaSW5zo3JgYXRco249Jat9NwAjJax9MmM4JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRzuuY2gypaMgqzkwLW1uoHqupzUyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNDJEMmEmODVGMmEmNDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmNTM3N0Q3QwUmNTx1ODQkNmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5MmM2NDMmNwM3NTU5NTpmNTZCNwM2RDM5NmA1QTQ4NDI3NwYlNDp2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw0lYTAlJTNBNzVuMCUmQWM3MWIyM0EjJTNBMTAkMvUmQWUlOGIyM0E0Y2QjJTNBMTtlNvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAjLwAhNDt5Nv43NSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwVxNGU5NTElZDx0JzNvqXN0ZXI9MTY1MDI4MwEmMmxjMSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
04d93ef7696242442ae678f3bf3b27d8ca0eadef3fb61fe07a55ab719b1b6a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
5290
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-id
_cxoqFy6Zp2_zSsZx0akyzT1C7qIGaR26AqCUxADyxL8wmNIPX5Otw==
logo_11433.png
video.primis.tech/uploads/video/users/logo/30875/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/video/users/logo/30875/logo_11433.png?cbuster=1631179290
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
2d982a78b1da56ba84ff4f57aad9715cef56b27e56f4ed18f5b831a0f4d7d2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 09:21:30 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"8aa2d39c821a27affdb7f7a98e4b58a2"
content-type
image/png
access-control-allow-origin
*
expires
Mon, 02 May 2022 11:42:13 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1239
x-amz-cf-id
sunA1X_wdpW0nD2ems8ctg2kot0hL8psxkOsYk8gPwYY6HjID_sB6g==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY1MDI4MwEmMlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NTAjJaN0YT0jJat9NwAjJax9MmM4JaZcZF9jYXNmRG9gYWyhPXq3ql5uozRlo2yxpG9fnWNyLzNioSZmqWJJZD1upC1lZWpgo3JaX3q3ql5uozRlo2yxpG9fnWNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmQlRDMkMmt1RwMkMmQ3RDqCNmMmMTM2MmpmNDM5MmxmOTMkN0Q3QwQmMmUmNmqEN0I1MmU5NTt0MTp0NwM2RDU2NxU0QmU3Mmx3OTVBMmEmOTMmNwQmMmYmNmU1OTU3MmU2QwYmNxQmOTpjNUE0ODQlNmY2MwQ3NxM2QTVBNTMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmYmMDMjN0Q3QwU5MmMmMmM4N0Q3QwY2MmE3RDqCNEMmMTMkMmQmMmMmN0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTJuMDIyM0E2ZWEjJTNBYmpkYvUmQTAyM0EkMDElJTNBZTI4YvUmQTRwZDAyM0EkODI2JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjMC4jLwQ4OTYhNmUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlNWQ0ZTx1MTJxOTQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY1MDI4MwEmMmt4NlZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwVxNGU5NTU5MTquJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRzuuY2gypaMgqzkwLW1uoHqupzUyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=UTF-8
x-amz-cf-id
KbZCXBB6QjDdltqPfpca-Tl6o0ZfqOIEa_3zjHu6Y_AW80JDVHAScA==
sync
x.bidswitch.net/ Frame A185 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame A185
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=93&advUuid=0f89355e-31a2-404a-9110-c79888674e72
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=93&advUuid=0f89355e-31a2-404a-9110-c79888674e72
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
fFSx8TyCdjBbBkFBVX5_yusGEqu5w9endWN0qAnNI8rrgUNGaiqJkw==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=93&advUuid=0f89355e-31a2-404a-9110-c79888674e72
date
Mon, 18 Apr 2022 11:42:13 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame A185
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=99&advUuid=Yl1OlcpEajYsSWK_RgZzFQAABK4AAAAB
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=99&advUuid=Yl1OlcpEajYsSWK_RgZzFQAABK4AAAAB
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
7Wt8gM5YDKxcquzP4EMWjqWFSbnXzUaLYCWFg5_huhqkGFnMivB0Dw==

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=99&advUuid=Yl1OlcpEajYsSWK_RgZzFQAABK4AAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 18 Apr 2022 11:42:13 GMT
liveCS.php
live.primis.tech/live/ Frame A185
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3105513479825...
0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3105513479825803323452&advId=121&advUuid=3105513479825803323452
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
pc9MkK0DrapkfqrAlONcP4F_x5IjUbvcV5WRKw30JlY4y-4ilkz4xg==

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3105513479825803323452&advId=121&advUuid=3105513479825803323452
date
Mon, 18 Apr 2022 11:42:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.php
pixel.rubiconproject.com/exchange/ Frame A185 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame A185
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D625d4e9512d94%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=105&advUuid=4715248548087402202
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=105&advUuid=4715248548087402202
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P1
content-type
text/html; charset=utf-8
x-amz-cf-id
gr28XKfbXN_gK_QT1sFMIVGpAhzctjsj7iaRa6pVkeWRIt1HaHbD3A==

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:13 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b8d24e5a-fb2f-46b9-a812-01ae0cc7a77b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=625d4e9512d94&pixel=&advId=105&advUuid=4715248548087402202
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify
60687.publishers.tremorhub.com/pubsync/ Frame A185
Redirect Chain
  • https://60687.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3Dhttps%253A%252F%252Fsync.intent...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://60687.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2600:1f18:612b:4216:99f2:7ef8:5bca:944d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D%2B584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date
Mon, 18 Apr 2022 11:42:14 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
vid61687e6287ac4249236450.jpg
video.primis.tech/uploads/cn20/video/users/converted/30875/video_6135c3ae46289537299997/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn20/video/users/converted/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.jpg?cbuster=1634238363
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
4eb2542d055c2aca6bea060656b8d3da6027dad7eb537bdcde68ec92bb8f5d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:13 GMT
via
1.1 4a239bcf6999860d9ff48f3a45dc801c.cloudfront.net (CloudFront)
last-modified
Thu, 14 Oct 2021 19:06:41 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"8c2b0917ecad819cf44102950dcd8f76"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 02 May 2022 11:42:13 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
11802
x-amz-cf-id
4dAgNTx9CDZpcn49fN4ksk5ex5ilFwSeN-oARKDf8TfS3V2oOXGIJQ==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame A185 		125 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmNuZTQ2Mwt5NTM3Mwx5OTx3JTJGqzyxNwE2ODqyNwI4N2FwNDI0OTImNwQ1MC5gpDQzqzyxX2NioaRyoaRsnWQ9MTt5NmA2OSZ2nWRsY29hqGVhqF9xZXNwPUqio2qfZSgQnXuyoCfkK3JyqzymnXQyM0EeNSg5ZWFlplgfYXRypvZ2nWRsY29hqGVhqF90nXRfZT1Ho29aoGUeUGy4ZWjeMSglZXZcp2y0JTNBKmUerWVupaMeoGF0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249NDAjJzRyYaVaSW5zo3JgYXRco249Jat9NTAjJax9MwtkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRzuuY2gypaMgqzkwLW1uoHqupzUyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNDJEMmEmODVGMmEmNDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmNTM3N0Q3QwUmNTx1ODQkNmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5MmM2NDMmNwM3NTU5NTpmNTZCNwM2RDM5NmA1QTQ4NDI3NwYlNDp2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw0lYTAlJTNBNzVuMCUmQWM3MWIyM0EjJTNBMTAkMvUmQWUlOGIyM0E0Y2QjJTNBMTtlNvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAjLwAhNDt5Nv43NSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwVxNGU5NTElZDx0JzNvqXN0ZXI9MTY1MDI4MwEmMmxlNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c8f2eaaf7e08f9de84042ef292ac32a702babdf1dd4bbd1fd0c138e719b819b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
12252
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-id
bJQj4CSDF9Osa_2Btl4Reyh4gVhg2DFPoSuOwNlG10Mkpsorfn9ZAA==
liveView.php
live.primis.tech/live/ Frame A185 		125 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmNuZTQ2Mwt5NTM3Mwx5OTx3JTJGqzyxNwE2ODqyNwI4N2FwNDI0OTImNwQ1MC5gpDQzqzyxX2NioaRyoaRsnWQ9MTt5NmA2OSZ2nWRsY29hqGVhqF9xZXNwPUqio2qfZSgQnXuyoCfkK3JyqzymnXQyM0EeNSg5ZWFlplgfYXRypvZ2nWRsY29hqGVhqF90nXRfZT1Ho29aoGUeUGy4ZWjeMSglZXZcp2y0JTNBKmUerWVupaMeoGF0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249NDAjJzRyYaVaSW5zo3JgYXRco249Jat9MmQjJax9MTxkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRzuuY2gypaMgqzkwLW1uoHqupzUyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNDJEMmEmODVGMmEmNDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmNTM3N0Q3QwUmNTx1ODQkNmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5MmM2NDMmNwM3NTU5NTpmNTZCNwM2RDM5NmA1QTQ4NDI3NwYlNDp2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw0lYTAlJTNBNzVuMCUmQWM3MWIyM0EjJTNBMTAkMvUmQWUlOGIyM0E0Y2QjJTNBMTtlNvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAjLwAhNDt5Nv43NSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwVxNGU5NTElZDx0JzNvqXN0ZXI9MTY1MDI4MwEmMmxlNlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
71ac5b3b22b51b8819b5a128be8a44b5b50d23bca8830626a62c97c72be1c34d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
12255
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-id
Tp3-zkHC5XwFvTYkf6x4m9Dduxb26kVft-KOYl3vyBzohZkYxVBJ7A==
liveView.php
live.primis.tech/live/ Frame A185 		43 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmNuZTQ2Mwt5NTM3Mwx5OTx3JTJGqzyxNwE2ODqyNwI4N2FwNDI0OTImNwQ1MC5gpDQzqzyxX2NioaRyoaRsnWQ9MTt5NmA2OSZ2nWRsY29hqGVhqF9xZXNwPUqio2qfZSgQnXuyoCfkK3JyqzymnXQyM0EeNSg5ZWFlplgfYXRypvZ2nWRsY29hqGVhqF90nXRfZT1Ho29aoGUeUGy4ZWjeMSglZXZcp2y0JTNBKmUerWVupaMeoGF0ZXIzqzyxX2NioaRyoaRsZHVlYXRco249NDAjJzRyYaVaSW5zo3JgYXRco249Jat9NTAjJax9MwtkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRzuuY2gypaMgqzkwLW1uoHqupzUyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmNDJEMmEmODVGMmEmNDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmNTM3N0Q3QwUmNTx1ODQkNmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5MmM2NDMmNwM3NTU5NTpmNTZCNwM2RDM5NmA1QTQ4NDI3NwYlNDp2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEkODtzZ2ViTG9hZm04LwY4NDMzqXNypxyjQWRxpw0lYTAlJTNBNzVuMCUmQWM3MWIyM0EjJTNBMTAkMvUmQWUlOGIyM0E0Y2QjJTNBMTtlNvZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTAjLwAhNDt5Nv43NSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwVxNGU5NTElZDx0JzNvqXN0ZXI9MTY1MDI4MwEmMmxlOCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6e25a93c3c2ea981ac2735588e1136b7b8f41922108e9f6ca754ca7951eec700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:13 GMT
content-encoding
gzip
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
content-type
application/json; charset=utf-8
content-length
6333
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-id
_2MLc-Ijj5SMt8YtHOIJS2uEK33GlE_DQXNtQlduaimP7gDyB8nctg==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.androidpolice.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:30:15 GMT
x-content-type-options
nosniff
age
403918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Apr 2023 19:30:15 GMT
269
p.ad.gt/api/v1/p/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/269?au_id=AU1D-0100-001650282134-319TPMV2-SQTW
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.254.18.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-254-18-59.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8b025d662daffd60182ba7a8c9e02a5ce11a2377512196ee55a1148e2da83269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 13:40:18 GMT
server
nginx/1.18.0
etag
W/"1650030018.0-32512-2713389681"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
expires
Mon, 18 Apr 2022 23:42:14 GMT
haloid
id.halo.ad.gt/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.halo.ad.gt/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.194.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-194-160.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
content-encoding
gzip
origin-trial
server
nginx/1.20.0
content-type
text/javascript; charset=UTF-8
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001650282134-319TPMV2-SQTW&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001650282134-319TPMV2-SQTW&adnxs_id=4715248548087402202
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001650282134-319TPMV2-SQTW&adnxs_id=4715248548087402202
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:14 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e63c751a-e615-4f96-a9ef-9adcd1b1342f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001650282134-319TPMV2-SQTW&adnxs_id=4715248548087402202
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001650282134-319TPMV2-SQTW
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001650282134-319TPMV2-SQTW
  • https://ids.ad.gt/api/v1/t_match?tdid=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82&id=AU1D-0100-001650282134-319TPMV2-SQTW
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82&id=AU1D-0100-001650282134-319TPMV2-SQTW
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82&id=AU1D-0100-001650282134-319TPMV2-SQTW
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001650282134-319TPMV2-SQTW
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001650282134-319TPMV2-SQTW
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&id=AU1D-0100-001650282134-319TPMV2-SQTW
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&id=AU1D-0100-001650282134-319TPMV2-SQTW
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&id=AU1D-0100-001650282134-319TPMV2-SQTW
date
Mon, 18 Apr 2022 11:42:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001650282134-319TPMV2-SQTW
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001650282134-319TPMV2-SQTW&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&google_gid=CAESEExYkYUnifo4yNZehOaLs4I&google_cver=1&google_ula=450542624,0
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&google_gid=CAESEExYkYUnifo4yNZehOaLs4I&google_cver=1&google_ula=450542624,0
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&google_gid=CAESEExYkYUnifo4yNZehOaLs4I&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001650282134-319TPMV2-SQTW
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1MDI4MjEzNC0zMTlUUE1WMi1TUVRX
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1MDI4MjEzNC0zMTlUUE1WMi1TUVRX
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY1MDI4MjEzNC0zMTlUUE1WMi1TUVRX
date
Mon, 18 Apr 2022 11:42:14 GMT
server
nginx/1.20.0
content-length
473
content-type
text/html; charset=utf-8
cm
trc.taboola.com/sg/audigent/1/ 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
188
pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
via
1.1 varnish
server
nginx
x-timer
S1650282135.830065,VS0,VE188
x-served-by
cache-icn1450024-ICN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001650282134-319TPMV2-SQTW&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001650282134-319TPM...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001650282134-319TPMV2-SQTW&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
  • https://ids.ad.gt/api/v1/adb_match?adb=32049729715179536262208832275767558486&id=AU1D-0100-001650282134-319TPMV2-SQTW
43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=32049729715179536262208832275767558486&id=AU1D-0100-001650282134-319TPMV2-SQTW
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v031-08d815db4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
X0aSQOAsRFI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=32049729715179536262208832275767558486&id=AU1D-0100-001650282134-319TPMV2-SQTW
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26unruly_id%3D%5BRX_UUID%5D&cb=1650282134693
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001650282134-319TPMV2-SQTW&unruly_id=OPTOUT
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001650282134-319TPMV2-SQTW&unruly_id=OPTOUT
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001650282134-319TPMV2-SQTW&unruly_id=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001650282134-319TPMV2-SQTW%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&impr_uid=ef0c3781-64bc-4666-8a9c-3d581c46f2ab
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&impr_uid=ef0c3781-64bc-4666-8a9c-3d581c46f2ab
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:15 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&impr_uid=ef0c3781-64bc-4666-8a9c-3d581c46f2ab
date
Mon, 18 Apr 2022 11:42:14 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6275685-2&cid=2035479511.1650282133&jid=1881437008&gjid=1748271829&_gid=2087370814.1650282134&_u=KADAAEAAEAQCAC~&z=629180795
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Apr 2022 11:42:14 GMT
content-type
text/plain
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2gklFEW-NJl3frjpErLdn22dF76z31sZAZbICy9xn6qd_40WLMJmzO0CeyAU9IsYWH_o30qMEqd5pZrjub-CiQ
scarfsmash.com/ 		209 B
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/v2gklFEW-NJl3frjpErLdn22dF76z31sZAZbICy9xn6qd_40WLMJmzO0CeyAU9IsYWH_o30qMEqd5pZrjub-CiQ
Requested by
Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
0177a18945f37ea98c8707bdc6f07b5a6e91b6affbfe0dd3cb2f3fbf4c93ef5a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 18 Apr 2022 11:42:13 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-n085
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 18 Apr 2022 11:42:12 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 04:52:03 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront), 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
age
24611
x-amzn-requestid
a6a9c019-8588-418c-bec1-869d827f0198
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-625cee73-2271793726e86e2b28d9855f;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1, FRA60-P3
x-amz-apigw-id
QwoyGHJnjoEFgaQ=
content-length
30
x-amz-cf-id
LMjE99lOP6QD_FrWxqszwB33ezRsqLBl5cON9Ck8pCsz5hL-qkA6ZA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A185 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37930
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Mon, 18 Apr 2022 01:10:05 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
NH13VPAHGlO2Btjox5TvBgNvn6_N93b_FhTqRKOH1m8adqHTI1ZUzg==
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.androidpolice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.androidpolice.com
access-control-max-age
600
age
0
content-length
0
date
Mon, 18 Apr 2022 11:42:14 GMT
server
ATS/9.1.0.33
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame A185 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:14 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
auction
tlx.3lift.com/header/ Frame A185 		19 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&tmax=3000&gdpr=true
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.71.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-71-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A185 		173 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.68.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-68-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
df94dedfee1939b1fb1105b732e39680167d42447e22be8003611b8d5e7f45c6

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.86.0
content-type
application/json
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
318113
search.spotxchange.com/openrtb/2.3/dados/ Frame A185 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/318113?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
X-SpotX-Timing-Transform
0.000331
X-SpotX-Timing-SpotMarket
0.003564
X-SpotX-Timing-Page-Mux
0.000248
X-SpotX-Timing-Page-Require
0.000324
X-fe
088
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.010141
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000272
Last-Modified
Mon, 18 Apr 2022 11:42:14 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003564
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.androidpolice.com
X-SpotX-Timing-Page-Misc
0.005369
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame A185 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
halo_match
ids.ad.gt/api/v1/ 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001650282134-319TPMV2-SQTW&halo_id=02018hqkt607jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.6.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-6-220.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Mon, 18 Apr 2022 23:42:14 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6275685-2&cid=2035479511.1650282133&jid=1881437008&_u=KADAAEAAEAQCAC~&z=452787118
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6275685-2&cid=2035479511.1650282133&jid=1881437008&_u=KADAAEAAEAQCAC~&z=452787118
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2scelAhytsujmkN2HtVsrM5pimju9l7Zd6ZvTe2b1LzLN4HOHQ3Ii_yFTi6T1FoHrA7hSJjUyIjvJfaXPlvf9Q
scarfsmash.com/ 		2 KB
828 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/v2scelAhytsujmkN2HtVsrM5pimju9l7Zd6ZvTe2b1LzLN4HOHQ3Ii_yFTi6T1FoHrA7hSJjUyIjvJfaXPlvf9Q
Requested by
Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
295941492338af0acc646044f4ad42adc96e631ae2bc38066d7cbbb79e6fd87b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
date
Mon, 18 Apr 2022 11:42:14 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-n085
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.androidpolice.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
764
PugMaster
image6.pubmatic.com/AdServer/ Frame B21B 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36437555&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D625d4e9512d94%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
content-length
0
cookie
cm.adform.net/ Frame 6942 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 18 Apr 2022 11:42:14 GMT
server
nginx
csync
sync.console.adtarget.com.tr/ Frame A892 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 18 Apr 2022 11:42:14 GMT
Etag
14b2274834353d78
Server
VertaMedia 1.0
pbsync.html
js.adscale.de/ Frame 305A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5235
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Mon, 18 Apr 2022 10:15:00 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Sat, 16 Apr 2022 21:12:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-id
dZnOMfYBh2fdK26yhOkuxDEqDfKvDjsU6nrHsvCt4xVKtjl87Y6UJQ==
x-amz-cf-pop
DUS51-P1
x-amz-version-id
cUMJ92_cM.fGK97cbtJ7sMBlXBuzGylx
x-cache
Hit from cloudfront
csync
sync.console.adtarget.com.tr/ Frame E1D7 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 18 Apr 2022 11:42:14 GMT
Etag
14b2274834353d78
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame BBB8 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 18 Apr 2022 11:42:14 GMT
Etag
14b2274834353d78
Server
VertaMedia 1.0
csync
sync.console.adtarget.com.tr/ Frame E34C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dnSlWSYeB2kbu01fL3Ax&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dnSlWSYeB2kbu01fL3Ax&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 18 Apr 2022 11:42:14 GMT
Etag
14b2274834353d78
Server
VertaMedia 1.0

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 18 Apr 2022 11:42:14 GMT Mon, 18 Apr 2022 11:42:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=dnSlWSYeB2kbu01fL3Ax&pi=admatic&tc=1
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 16B7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131047
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:42:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 20 Apr 2022 00:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame 6B68 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Server
VertaMedia 1.0
Etag
14b2274834353d78
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 6B68 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Server
VertaMedia 1.0
Etag
14b2274834353d78
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 6B68 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Server
VertaMedia 1.0
Etag
14b2274834353d78
Content-Length
43
Content-Type
image/gif
/
events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/?uid_bam=1771976948801600283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-229-166.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-credentials,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.androidpolice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-credentials, content-type, x-requested-with
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.androidpolice.com
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:14 GMT
server
nginx/1.20.2
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-bam-build-version
63c21d9982831d134ab44164cd70784f89423817
x-bam-env
release
x-robots-tag
none
session.gif
events.release.narrativ.com/api/v0/ 		0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1771976948801600283&cache_buster=1650282134136
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-229-166.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
x-bam-build-version
63c21d9982831d134ab44164cd70784f89423817
date
Mon, 18 Apr 2022 11:42:14 GMT
server
nginx/1.20.2
x-robots-tag
none
x-bam-env
release
strict-transport-security
max-age=63072000; includeSubDomains; preload
/
events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/ 		2 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/?uid_bam=1771976948801600283
Requested by
Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.229.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-229-166.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://www.androidpolice.com/hackers-vlc-malware/
Access-Control-Allow-Credentials
true
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-bam-build-version
63c21d9982831d134ab44164cd70784f89423817
date
Mon, 18 Apr 2022 11:42:14 GMT
server
nginx/1.20.2
x-bam-env
release
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.androidpolice.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
none
content-length
2
/
api.narrativ.com/api/v0/publishers/2412/smart_links/ 		190 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.narrativ.com/api/v0/publishers/2412/smart_links/
Requested by
Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.251.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-251-242.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
585ba2e57fc8fcc73e0fb77c7a0b8a11bac98f17c9233d5ecfe5b59bc5d88ddf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept
application/json
Referer
https://www.androidpolice.com/hackers-vlc-malware/
Access-Control-Allow-Credentials
true
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx/1.20.2
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.androidpolice.com
Connection
keep-alive
X-Robots-Tag
noindex, follow
Content-Length
190
/
api.narrativ.com/api/v0/publishers/2412/smart_links/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.narrativ.com/api/v0/publishers/2412/smart_links/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.251.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-251-242.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-credentials,content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.androidpolice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-credentials, content-type, x-requested-with
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin
https://www.androidpolice.com
Access-Control-Max-Age
86400
Allow
OPTIONS, POST
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Apr 2022 11:42:14 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Vary
Origin
X-Robots-Tag
noindex, follow
uu
ih.adscale.de/ Frame 305A
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1650282134
  • https://ih.adscale.de/uu?cbfn=receive&t=1650282134&nut&uu=5785142e97f84ebe972338a98d1e7445
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1650282134&nut&uu=5785142e97f84ebe972338a98d1e7445
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
beb2002de39879be2ffdf83ea49dbafb70ea95e1d657fab132a2f57af16c268e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1650282134&nut&uu=5785142e97f84ebe972338a98d1e7445
date
Mon, 18 Apr 2022 11:42:14 GMT
content-length
0
ConsentManager,Sticky2
scarfsmash.com/v2xmeDZLyQ94hveOIkCT4C5FP9xpVSL5bnGwfowLSLweABEMqArTDGM0nYWz2y142bPHxp24k9FGSbSoBaR7h/ 		276 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/v2xmeDZLyQ94hveOIkCT4C5FP9xpVSL5bnGwfowLSLweABEMqArTDGM0nYWz2y142bPHxp24k9FGSbSoBaR7h/ConsentManager,Sticky2
Requested by
Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f50f06ac57aa3db04b5928db1c838b00f200b57f7f80c2e54963edfe918ed196
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Origin
https://www.androidpolice.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"ccacd0786f07bfd1f418005977eec4b663dc90175833a88ce398d54fdefca34f"
vary
Accept-Encoding, Accept-Language, Origin
x-hostname
fen-hoothoot-europe-west1-spot-n085
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.androidpolice.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Mon, 18 Apr 2022 11:42:14 GMT
collect
j.clarity.ms/ 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
css2
fonts.googleapis.com/ 		7 KB
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 11:35:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Apr 2022 11:42:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Apr 2022 11:42:14 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.androidpolice.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 18:02:08 GMT
x-content-type-options
nosniff
age
409206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:42:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Apr 2023 18:02:08 GMT
MTUsMjA3MGNhNTc5NGIw
images.getadmiral.com/ 		763 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.getadmiral.com/MTUsMjA3MGNhNTc5NGIw
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-buildnumber
515379129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
763
server
cloudflare
x-datacenter
gce-europe-west1
etag
"2c607cb7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEUvQBcCdKx4OYtBOOnECgOOcTnkdv1G9Oi7G9uuabikexf1boC9%2Fb%2BOPxZguvYPDB9%2FKtw%2FnV7aMoVFsPumOTZbLzOcr6rRZS5V2HIcE8pag%2FwnBGNGFegj5CT4FerPRmWsEnUigmD3bHZrwLFM2RnhgXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
private, must-revalidate, max-age=3600
x-hostname
bill
cf-ray
6fdd22cf3d389b69-FRA
userconnect.js
js.adscale.de/ Frame 305A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Tl9mRjjV4xk.ybogbbDHglLCbhsQACnS
content-encoding
br
last-modified
Sat, 16 Apr 2022 21:12:38 GMT
server
AmazonS3
age
1775
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 18 Apr 2022 11:12:40 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
lK-8MIWaQ7wq8IZobKMweOGzzLDPYPAvwcvAqchmpQhWyqtBou_LTw==
csync
sync.console.adtarget.com.tr/ Frame 305A 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=5785142e97f84ebe972338a98d1e7445
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Server
VertaMedia 1.0
Etag
50047b0f429a1582
Content-Length
0
userconnect
ih.adscale.de/ Frame 305A 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1650282134807&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame 023F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4b1d68c1355521ddd3ea76c5262e86a68c64d75b80fb08ddfa345860384076f8

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2604
content-type
text/html;charset=ISO-8859-1
date
Mon, 18 Apr 2022 11:42:14 GMT
match.js
js.adscale.de/ Frame 023F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:3c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
xIt8XQEt8.Qs7gZ6cTeH_29LJ6qDO2nL
content-encoding
br
last-modified
Sat, 16 Apr 2022 21:12:38 GMT
server
AmazonS3
age
1775
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 18 Apr 2022 11:12:40 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
zqU2Be_1AIoUMXI4cwUHOjOVmOTDTPrrLSeUZPRxxZU22FL6A8bTwA==
img
ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/ Frame 023F
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5785142e97f84ebe972338a98d1e7445&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=101&tpuid=BBID-01-03249961349315755-16580088
49 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=101&tpuid=BBID-01-03249961349315755-16580088
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:14 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 18 Apr 2022 11:42:14 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=101&tpuid=BBID-01-03249961349315755-16580088
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
v2gklFEW-NJl3frjpErLdn22dF76z31sZAZbICy9xn6qd_40WLMJmzO0CeyAU9IsYWH_o30qMEqd5pZrjub-CiQ
scarfsmash.com/ 		254 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://scarfsmash.com/v2gklFEW-NJl3frjpErLdn22dF76z31sZAZbICy9xn6qd_40WLMJmzO0CeyAU9IsYWH_o30qMEqd5pZrjub-CiQ
Requested by
Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
139f4d813c9bd8563ac57d0ee50f9f6f1e53a4f4d1d42799fbe8b122887befad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Mon, 18 Apr 2022 11:42:14 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-n085
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
516110284
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
254
expires
Mon, 18 Apr 2022 11:42:13 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 023F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1b743552e1bfc725d1c5c252f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yl1OlcpEajYsSWK-RgZzFQAA%261198
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yl1OlcpEajYsSWK-RgZzFQAA%261198
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Yl1OlcpEajYsSWK-RgZzFQAA%261198
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Mon, 18 Apr 2022 11:42:15 GMT
img
ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/ Frame 023F
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c352e858b887bbea9a7e9bc221645d0b83b3f0d8f2cd4ec6a55c9cbb976b9af8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3ea...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=c352e858b887bbea9a7e9bc221645d0b83b3f0d8f2cd4ec6a55c9cbb976b9af8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a...
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=42&gdpr=0&tpuid=6758373342836029210
49 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=42&gdpr=0&tpuid=6758373342836029210
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
server
nginx
location
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=42&gdpr=0&tpuid=6758373342836029210
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
getpixels
pixels.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=au1t-f33b39933470facd20639181ad2bb843&url=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.251.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-251-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
server
nginx/1.20.0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:04:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 18 Apr 2022 12:04:43 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 10:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 18 Apr 2022 11:50:21 GMT
segments
seg.ad.gt/api/v1/ 		21 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.androidpolice.com%252Fhackers-vlc-malware%252F&partner_id=269&tagger_id=au1t-f33b39933470facd20639181ad2bb843&au_id=AU1D-0100-001650282134-319TPMV2-SQTW
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269?au_id=AU1D-0100-001650282134-319TPMV2-SQTW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.129.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-129-50.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
2f65b37814d674a38e2813bcb3fd9590d449087dfb30420deec70327fef7d1cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
collect
a.ad.gt/api/v1/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269?au_id=AU1D-0100-001650282134-319TPMV2-SQTW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.59.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-59-69.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:15 GMT
server
nginx/1.18.0
vary
Origin
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 023F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=00922ab3-f1c8-43b9-8ebd-90e79908dd49&gdpr=0
49 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=00922ab3-f1c8-43b9-8ebd-90e79908dd49&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:14 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=00922ab3-f1c8-43b9-8ebd-90e79908dd49&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3127134
content-length
0
expires
Mon, 18 Apr 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 023F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=bdc0c554fdba708016b666cf...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
49 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 18 Apr 2022 11:42:15 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Apr 2022 11:42:14 GMT
visit
app.convertkit.com/forms/1275831/ 		7 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.convertkit.com/forms/1275831/visit
Requested by
Host: f.convertkit.com
URL: https://f.convertkit.com/ckjs/ck.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
f76652df-803d-4fec-b1b3-a60ca82af533
x-runtime
0.011666
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"aee408847d35e44e99430f0979c3357b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
cf-ray
6fdd22d2c8709bdc-FRA
visit
app.convertkit.com/forms/1275831/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.convertkit.com/forms/1275831/visit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.androidpolice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
6fdd22d1de829bdc-FRA
date
Mon, 18 Apr 2022 11:42:15 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:14 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
usync.html
eus.rubiconproject.com/ Frame B359 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Apr 2022 11:42:15 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9BA6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=131046
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 11:42:15 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 20 Apr 2022 00:06:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 6D63 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=true&
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_11.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
b07e89620200dd72bf464590ae089924352fc1ee9bba7f49ab12be0544164ef5

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
461
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generic
match.adsrvr.org/track/cmf/ Frame 6D63 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
date
Mon, 18 Apr 2022 11:42:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 6D63 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D63
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEwNTUxMzQ3OTgyNTgwMzMyMzQ1Mg%3D%3D
date
Mon, 18 Apr 2022 11:42:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 6D63 		0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3105513479825803323452&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6AF690CB920743C6BC183B1BD75CA9D4 Ref B: FRAEDGE1109 Ref C: 2022-04-18T11:42:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXc7EB+5IprQlZzhqdWrA==
xuid
eb2.3lift.com/ Frame 6D63
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3105513479825803323452?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-xhGQvtpE2oT8CNcwNDQXSV.eNEUwHnzRDVYxf4Xfkw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xhGQvtpE2oT8CNcwNDQXSV.eNEUwHnzRDVYxf4Xfkw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 18 Apr 2022 11:42:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xhGQvtpE2oT8CNcwNDQXSV.eNEUwHnzRDVYxf4Xfkw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 6D63 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3105513479825803323452&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 6D63 		42 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3105513479825803323452&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C22BC75CE9A3447B986BB3ED665B59F7 Ref B: FRA31EDGE0611 Ref C: 2022-04-18T11:42:15Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 6D63
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3105513479825803323452
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3105513479825803323452&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3105513479825803323452&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H3GFNC8XPT7YB5D9RN3K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3105513479825803323452&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6D63
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame B359 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9130bafafbeee56d02271fdd5a7db6f2e15e839f8b64faad15a08610a93d7119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41300
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Mon, 18 Apr 2022 23:10:35 GMT
chunklist_480.m3u8
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
21ed56d48846d3272ed00c3539e637f2af9be7e81e2bf53c94d1a79c16bcbeeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified
Thu, 14 Oct 2021 19:07:56 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"c9f10fa9f7cd15ea8978f5c3fccecbae"
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
expires
Mon, 02 May 2022 11:42:16 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2324
x-amz-cf-id
swmH-LOmADs5iz6h0y1R-0pn_ycNwYG0_AUbyCV3CoMX3SrJYFSwCA==
x-proxy-cache
HIT
khaos.jpg
token.rubiconproject.com/ Frame B359 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
img
ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/ Frame 023F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f24e7ad66a109b3bfd51a7e2f37ba714316a1b2e869949a22538d714b90d4a20&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc0...
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?uid=f24e7ad66a109b3bfd51a7e2f37ba714316a1b2e869949a22538d714b90d4a20&tpid=38&gdpr=0&tpuid=CAESEP1GwImkHDJOTG4RNvLPAMY...
49 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?uid=f24e7ad66a109b3bfd51a7e2f37ba714316a1b2e869949a22538d714b90d4a20&tpid=38&gdpr=0&tpuid=CAESEP1GwImkHDJOTG4RNvLPAMY&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?uid=f24e7ad66a109b3bfd51a7e2f37ba714316a1b2e869949a22538d714b90d4a20&tpid=38&gdpr=0&tpuid=CAESEP1GwImkHDJOTG4RNvLPAMY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/ Frame 023F
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447e0a8a3eafaacb798c4%2F1650282134824%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=75&tpuid=4715248548087402202&gdpr=0
49 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=75&tpuid=4715248548087402202&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:16 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 865.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c723475-660a-4960-a6a9-458d30aba7f9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/img?tpid=75&tpuid=4715248548087402202&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
w_480_00000.ts
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		250 KB
250 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e0f4b0f8b103d29e14533126ae15d0e0b0e8ef77177ee98da56c58b9fbd07769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
via
1.1 d04998a67c7a3fb6819bd5fdd0bbe124.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
255680
last-modified
Thu, 14 Oct 2021 19:07:57 GMT
server
Tengine
etag
"16bea9a2b918694e5564b805c51b40be"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
fGAAOXMr0GeVC-OZSV29b6ZkBn1hnhkkA6ms4wSN57h1LM7DXSS0uw==
expires
Mon, 02 May 2022 11:42:16 GMT
1793313a-ad1f-4b90-a739-024aa582e876
https://www.androidpolice.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.androidpolice.com/1793313a-ad1f-4b90-a739-024aa582e876
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
js
ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/ Frame 023F
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=679c183d060fca5225d024358c94a494278781b85512bed5d3608d669d48a013&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=679c183d060fca5225d024358c94a494278781b85512bed5d3608d669d48a013&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Ffc098915cfb447...
  • https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/js?tpid=48&tpuid=d600bf293ba0b5af9bd0a27e26e11b50
44 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/js?tpid=48&tpuid=d600bf293ba0b5af9bd0a27e26e11b50
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5fe8be00c6d7dba33728140224d2673a2f327e177632e401febf0d8999fde0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Mon, 18 Apr 2022 11:42:16 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/fc098915cfb447e0a8a3eafaacb798c4/1650282134824/0/js?tpid=48&tpuid=d600bf293ba0b5af9bd0a27e26e11b50
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
w_480_00001.ts
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		217 KB
217 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
d81828cb6797941c791685fd1e4a02ef73bf5f00eb7c1f66ef772315094cbae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
content-length
221840
last-modified
Thu, 14 Oct 2021 19:07:57 GMT
server
Tengine
etag
"30c9fdb4b7b42c99e62c111d9f67cf97"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
qKdCg5QuAdhnsjP-cSan2ijK21ibbmuRYRBCDKBHircBQmWLJsl-eg==
expires
Mon, 02 May 2022 11:42:16 GMT
sium
ih.adscale.de/ Frame 023F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.238.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-238-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Mon, 18 Apr 2022 11:42:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
w_480_00002.ts
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		204 KB
205 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
152eb1c2a06a93f33680f266e08f17c955ec9752b388f91b64c3c5f152c9c818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
via
1.1 120b3c0f2e15a58ec71cef7658e3ef14.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
209056
last-modified
Thu, 14 Oct 2021 19:07:57 GMT
server
Tengine
etag
"7bb197e2b3ad23ca1c2802e518184f03"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
gn3KhnRG88bCKUAdEqsJTi0xZC9ftPkcjOV_z8bqK3rcsf6yUCj-8Q==
expires
Mon, 02 May 2022 11:42:16 GMT
pixel.png
www.androidpolice.com/ 		103 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.androidpolice.com/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%221003341%22,%22position%22:%22sidebar-pinned-listing-page-article-1%22},{%22id%22:%221003334%22,%22position%22:%22sidebar-pinned-listing-page-article-2%22},{%22id%22:%221003336%22,%22position%22:%22sidebar-pinned-listing-page-article-3%22},{%22id%22:%221003335%22,%22position%22:%22sidebar-pinned-listing-page-article-4%22},{%22id%22:%221003333%22,%22position%22:%22sidebar-pinned-listing-page-article-5%22},{%22id%22:%221003331%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221003262%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221003320%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221003127%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221003322%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221003237%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002579%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221003336%22,%22position%22:%22sentinel-article-sidebarSticky-1%22},{%22id%22:%221002908%22,%22position%22:%22sentinel-article-sidebarSticky-2%22},{%22id%22:%221003318%22,%22position%22:%22sentinel-article-sidebarSticky-3%22},{%22id%22:%22811184%22,%22position%22:%22sentinel-article-relatedContent-1%22},{%22id%22:%221002419%22,%22position%22:%22sentinel-article-relatedContent-2%22},{%22id%22:%221003179%22,%22position%22:%22sentinel-article-relatedContent-3%22},{%22id%22:%221003127%22,%22position%22:%22sentinel-article-relatedContent-4%22},{%22id%22:%221002692%22,%22position%22:%22sentinel-article-relatedContent-5%22},{%22id%22:%221002910%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221003296%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221003310%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221001459%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221002963%22,%22position%22:%22sentinel-article-nextArticle%22}],%22eventType%22:%22impression%22}---&rdm=0.07921702583193535
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/valnet-footer.873d1235.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-161-176.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Oct 2019 21:53:00 GMT
server
nginx
etag
"5db21d3c-67"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
103
x-content-type-options
nosniff
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=D110AD19BECE4A4B83D29822D64ED89F&RedC=c.clarity.ms&MXFR=2BD238607A95663D0D8E29EA7E95684B
  • https://c.clarity.ms/c.gif?CtsSyncId=D110AD19BECE4A4B83D29822D64ED89F&MUID=10CD8A33DB2961B932E49BB9DAA26092
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=D110AD19BECE4A4B83D29822D64ED89F&MUID=10CD8A33DB2961B932E49BB9DAA26092
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:16 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5B58289F05904C489090FFD5771D9183 Ref B: FRA31EDGE0611 Ref C: 2022-04-18T11:42:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=D110AD19BECE4A4B83D29822D64ED89F&MUID=10CD8A33DB2961B932E49BB9DAA26092
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
w_480_00003.ts
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		313 KB
314 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
6053fc53889afb7eb32e9d8210687ef9828f294cfeb7ee74a8a05d60f7678cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
content-length
320540
last-modified
Thu, 14 Oct 2021 19:07:57 GMT
server
Tengine
etag
"44bf4c469a986e3652b6f070d833eb98"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
Gvx7BTBWiV7Ph8U3wCZCoRLNv-kkREvAYq1HjPce908GgoqUrconEw==
expires
Mon, 02 May 2022 11:42:16 GMT
w_480_00004.ts
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		277 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
9a3b4da04d3eeab954867ddea8cb801f1631acd26fb7366e88e9aa287cfc3ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
via
1.1 d78b645a0212e56f1a04609bf83554e4.cloudfront.net (CloudFront)
x-amz-cf-pop
BRU50-C1
content-length
283316
last-modified
Thu, 14 Oct 2021 19:07:57 GMT
server
Tengine
etag
"e5c6c8255e9520d82e1a5b14171a97d5"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
jn-WiPnovfL_tWPDA0tnuEGZdQCJbwzRgej-dLSbmwmgn0WhQ3ZjBA==
expires
Mon, 02 May 2022 11:42:16 GMT
w_480_00005.ts
video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/ 		260 KB
260 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn20/video/users/hls/30875/video_6135c3ae46289537299997/vid61687e6287ac4249236450.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.115.110.216 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8f6da7d312a4010d5fa2041a43dece31b4b1f259816f145e50f665a8c1b97ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.androidpolice.com/hackers-vlc-malware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
content-length
265832
last-modified
Thu, 14 Oct 2021 19:07:57 GMT
server
Tengine
etag
"5cf363ff8c11b54af7dea8a22555695d"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
x-proxy-cache
HIT
accept-ranges
bytes
x-amz-cf-id
DLggk1-bWLuxiRsScTnF3ZuFKZvA--xrv8uFM3hnhJ8EtNUrvojeUQ==
expires
Mon, 02 May 2022 11:42:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 16B7 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11126173&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b4c9cd2be6160d785f4bca5a74ad9639a12aa2c389e27df36035aba94b3ec030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame D988 		35 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 18 Apr 2022 11:42:17 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F3FD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yl1OmQAC3skqgQAZ&gdpr=0&gdpr_consent=&_test=Yl1OmQAC3skqgQAZ
1 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yl1OmQAC3skqgQAZ&gdpr=0&gdpr_consent=&_test=Yl1OmQAC3skqgQAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug018:0:462

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 18 Apr 2022 11:42:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yl1OmQAC3skqgQAZ&gdpr=0&gdpr_consent=&_test=Yl1OmQAC3skqgQAZ
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4050-HHN
x-timer
S1650282137.474575,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame DD9D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 04:04:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0028:0:342

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 18 Apr 2022 11:42:17 GMT
Expires
Mon, 18 Apr 2022 11:42:16 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x56 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:beee625d-4e97-4100-95e7-1885489c8389&gdpr=0&gdpr_consent=
redir
rtb-csync.smartadserver.com/ Frame D6DB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMnBFN0V1cDBBQURYb0xmRzFMQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC2pE7Eup0AADXoLfG1LA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC2pE7Eup0AADXoLfG1LA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC2pE7Eup0AADXoLfG1LA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC2pE7Eup0AADXoLfG1LA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Mon, 18 Apr 2022 11:42:17 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 18 Apr 2022 11:42:17 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC2pE7Eup0AADXoLfG1LA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
csync
sync.console.adtarget.com.tr/ Frame B90A 		0
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307406&extuid=${UID}BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D%24%7BUID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Mon, 18 Apr 2022 11:42:17 GMT
Etag
50047b0f429a1582
Server
VertaMedia 1.0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 16B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=v6pAvtGqRuKFogfHfKxQrQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=131044
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 20 Apr 2022 00:06:21 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame 16B7 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=beee625d-4e97-4100-95e7-1885489c8389
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=beee625d-4e97-4100-95e7-1885489c8389
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 18 Apr 2022 11:42:17 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=beee625d-4e97-4100-95e7-1885489c8389
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Apr 2022 11:42:16 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkZBQTQwQkUtRDFBQS00NkUyLTg1QTItMDdDNzdDQUM1MEFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 04:04:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:332
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKICRaXLpmeE1YZ-xY1THJE&google_cver=1
42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKICRaXLpmeE1YZ-xY1THJE&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:472
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKICRaXLpmeE1YZ-xY1THJE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 16B7 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 17 Apr 2022 11:42:17 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3875150088577712027&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3875150088577712027&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:16 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:473
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3875150088577712027&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 18 Apr 2022 11:42:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82
42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:446
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=70a3bff5-cc2f-4dae-9bc8-fc7403c07a82
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 16B7 		43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 16B7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6dpqMpZE2uVNfTPDzdA1SC304NAmZd8-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6dpqMpZE2uVNfTPDzdA1SC304NAmZd8-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6dpqMpZE2uVNfTPDzdA1SC304NAmZd8-~A&gdpr=0&gdpr_consent=
date
Mon, 18 Apr 2022 11:42:17 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
collect
j.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
https://www.androidpolice.com
date
Mon, 18 Apr 2022 11:42:17 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6Y5Q4PR4RC&gtm=2oe4d0&_p=860649321&sr=1600x1200&_z=ccd.AKB&ul=en-us&cid=2035479511.1650282133&dl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&dt=Chinese%20hackers%20are%20using%20VLC%20media%20player%20to%20launch%20malware%20attacks&sid=1650282133&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.androidpolice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveMatching.php
live.primis.tech/live/ Frame A185 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30342D31385F31347D7B7331363734393939317D7B4335377D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2a02%3A6ea0%3Ac71b%3A0%3A1012%3Ae28b%3A4cd0%3A1826&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F100.0.4896.75+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=625d4e9512d94&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2Fhackers-vlc-malware%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.androidpolice.com/hackers-vlc-malware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:18 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
XYfNtlY73BzfpnhmnKPfjzArIzmFsTK7iNKUZMQPHYMSfCm6VSFm0w==
PugMaster
image6.pubmatic.com/AdServer/ Frame 9BA6 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65278425&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
525dd6155dfa9448674459e3a41bfa9cd960fc9b09bc616c2bd6e4a17dbcd205

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:18 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 1D2D 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 18 Apr 2022 11:42:19 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-1
server
Cowboy
usersync.aspx
dis.criteo.com/dis/ Frame F609 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 11:42:18 GMT
expires
Mon, 18 Apr 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2148818
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 02E7 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 18 Apr 2022 11:42:18 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame B92F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2C15TIZF1NGpLR5&gdpr=1&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2C15TIZF1NGpLR5&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 04:06:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0027:0:335

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Apr 2022 11:42:19 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2C15TIZF1NGpLR5&gdpr=1&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-024e4a036fc15d347@us-west-2c@dxedge-app-us-west-2-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A455
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663966108261
42 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663966108261
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 06:30:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0025:0:433

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=663966108261
i.match
s.tribalfusion.com/z/ Frame 6D0A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fdd22ea8b58691b-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 11:42:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fdd22e96984691b-FRA
content-type
text/html
date
Mon, 18 Apr 2022 11:42:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
10219
noop
px.owneriq.net/ Frame 5428
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 18 Apr 2022 11:42:19 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 18 Apr 2022 11:42:19 GMT
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Server
AkamaiGHost
usersync
match.bnmla.com/ Frame 420D 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 18 Apr 2022 11:42:19 GMT
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame D87D
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bb8b5a83-40bb-499c-88d9-f9c6a10abfe9
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bb8b5a83-40bb-499c-88d9-f9c6a10abfe9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 04:02:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0021:0:357

Redirect headers

content-length
0
date
Mon, 18 Apr 2022 11:42:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=bb8b5a83-40bb-499c-88d9-f9c6a10abfe9
strict-transport-security
max-age=15724800; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame DA83
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=535d6be2-b207-45a1-9d11-b38c02a319bb&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
42 B
354 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.205.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-205-250.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Mon, 18 Apr 2022 11:42:19 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 18 Apr 2022 11:42:19 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug002:0:388
Pug
simage2.pubmatic.com/AdServer/ Frame DFB9
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=1
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug010:5:343

Redirect headers

content-length
0
date
Mon, 18 Apr 2022 11:42:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=1
server
_
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C21C
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=32f5f514-e749-4e1d-b276-76a1ffdabb8e-tuct956d41b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=32f5f514-e749-4e1d-b276-76a1ffdabb8e-tuct956d41b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 18 Apr 2022 11:42:19 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4025-HHN
x-timer
S1650282140.682774,VS0,VE12

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 18 Apr 2022 11:42:19 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=32f5f514-e749-4e1d-b276-76a1ffdabb8e-tuct956d41b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-icn1450024-ICN
x-timer
S1650282139.220036,VS0,VE184
x-vcl-time-ms
184
Pug
simage2.pubmatic.com/AdServer/ Frame 6094
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650282139146
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 11:42:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug017:0:548

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 18 Apr 2022 11:42:19 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 74CF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4D84A5CB41B3482DA421484DC210A486
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4D84A5CB41B3482DA421484DC210A486
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug019:0:398

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Mon, 18 Apr 2022 11:42:19 GMT
expires
Sun, 17 Apr 2022 11:42:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4D84A5CB41B3482DA421484DC210A486
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame D20B
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qzR45Dm8C8-M90Sgm05dYg
42 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qzR45Dm8C8-M90Sgm05dYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 11:42:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug007:0:499

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 18 Apr 2022 11:42:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qzR45Dm8C8-M90Sgm05dYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C21B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OPy3QmDQSp9vyv-25ynWsIrHJoQ
42 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OPy3QmDQSp9vyv-25ynWsIrHJoQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Apr 2022 04:49:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0026:0:348

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Apr 2022 11:42:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OPy3QmDQSp9vyv-25ynWsIrHJoQ
mw
mwzeom.zeotap.com/ Frame 9BA6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=87c602ee3526a64df3482802f48575e2&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=b7794c3d848d3a50
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f98e535f-8a2b-4e2f-5c56-f3b135a969cf&reqId=d80b3af3-0224-4c73-7cd4-68cd8a6f0054&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEOrFfu2Zx2Sj08ic_JspkcQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f98e535f-8a2b-4e2f-5c56-f3b135a969cf&reqId=d80b3af3-0224-4c73-7cd4-68c...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEOrFfu2Zx2Sj08ic_JspkcQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f98e535f-8a2b-4e2f-5c56-f3b135a969cf&reqId=d80b3af3-0224-4c73-7cd4-68cd8a6f0054&zcluid=b7794c3d848d3a50&zdid=1332
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:19 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6fdd22ed3a4f995c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEOrFfu2Zx2Sj08ic_JspkcQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f98e535f-8a2b-4e2f-5c56-f3b135a969cf&reqId=d80b3af3-0224-4c73-7cd4-68cd8a6f0054&zcluid=b7794c3d848d3a50&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 9BA6
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&addseg=19,36,42
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
204.237.133.247 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Apr 2022 11:42:19 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 9BA6
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&sInitiator=external&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&sInitiator=external&gdpr=1&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&sInitiator=external&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:17 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:17 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&sInitiator=external&gdpr=1&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 9BA6 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.150.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-178-150-13.eu-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:19 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
getuid
ib.adnxs.com/ Frame 9BA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame 9BA6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=1&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a825c84-bf0c-11ec-bb2d-df264068c0e1&gdpr=1&gdpr_consent=
1 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a825c84-bf0c-11ec-bb2d-df264068c0e1&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:18 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:471
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9a825c84-bf0c-11ec-bb2d-df264068c0e1&gdpr=1&gdpr_consent=
Date
Mon, 18 Apr 2022 11:42:18 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9a825c85-bf0c-11ec-bb2d-df264068c0e1
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9BA6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9BA6 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:18 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9BA6
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo
42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:18 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 9BA6 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Mon, 18 Apr 2022 11:42:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 9BA6 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame 9BA6
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_EE85576D_28B280BE&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
HTTP/1.1
Server
38.67.14.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-333268939; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:19 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-333268939; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 18 Apr 2022 05:00:26 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0023:0:421
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 9BA6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4715248548087402202
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4715248548087402202
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:18 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:271
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 18 Apr 2022 11:42:19 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5196f178-e89a-48bc-ad19-e970380974ea
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4715248548087402202
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 9BA6 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=1&gdpr_consent=
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.160.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 11:42:19 GMT
content-length
0
content-type
text/plain
d1ba4609
rtb.gumgum.com/getuid/ Frame 9BA6 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: www.androidpolice.com
URL: https://www.androidpolice.com/hackers-vlc-malware/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.96.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-96-173.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 11:42:19 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 16B7 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| VALNET_GLOBAL_FBAPPID string| VALNET_GLOBAL_GOOGLEANALYTICSPROPERTYID string| VALNET_GLOBAL_POSTID string| VALNET_GLOBAL_AUTHOR string| VALNET_GLOBAL_CHANNEL string| VALNET_GLOBAL_VIEW string| VALNET_GLOBAL_EXACTVIEW string| VALNET_GLOBAL_ISPREMIUM string| VALNET_GLOBAL_ENVIRONMENT string| VALNET_GLOBAL_POSTTYPE string| VALNET_GLOBAL_JREDITOR string| VALNET_GLOBAL_SREDITOR string| VALNET_GLOBAL_NUMBERPERPAGE string| VALNET_GLOBAL_ISENGAGEMENTTEST string| VALNET_GLOBAL_DETECTEDDEVICE string| VALNET_GLOBAL_IPADDRESS string| VALNET_GLOBAL_BROWSERUSERAGENT string| VALNET_GLOBAL_LENGTH string| VALNET_GLOBAL_DATEPUBLISHED string| VALNET_GLOBAL_EDITOR string| VALNET_GLOBAL_POSTPAYMENTCATEGORY string| VALNET_GLOBAL_CATEGORY string| VALNET_GLOBAL_TAGS string| VALNET_GLOBAL_ISFACEBOOKBROWSER string| VALNET_GLOBAL_ADS string| VALNET_GLOBAL_AMPTRAFFIC string| VALNET_GLOBAL_TEMPLATE string| VALNET_GLOBAL_TLDRPERMALINK string| VALNET_GLOBAL_TLDRPAGE string| VALNET_GLOBAL_TLDRTOTALNUMPAGE string| VALNET_GLOBAL_TLDRVIEWTYPE boolean| VALNET_GLOBAL_ISADBLOCK string| VALNET_GLOBAL_NETWORKCATEGORY string| VALNET_GLOBAL_CONTENTTYPE string| VALNET_GLOBAL_INTENT object| arrayOfEmbeds string| GoogleAnalyticsObject function| ga object| dataLayer function| Waypoint object| skimlinks_exclude object| NRTV_EVENT_DATA function| admiral object| googletag function| __tcfapi object| gamAdSlots function| adsNinjaDefineSlots function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| adUnitBidderConfigs boolean| validDomain object| validDomains string| x boolean| options function| adsNinjaRunAuctions string| valnet_site_viewType string| valnet_site_view string| valnet_site_campaign string| valnet_site_device boolean| valnet_hideAds object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent301 object| narrativ object| google_tag_data object| gaplugins object| google_tag_manager boolean| apstagLOADED function| AdsNinjaAdsPixelRefresher function| AdsNinjaAuction function| AdsNinjaRefreshingAdZone object| adsNinjaHeaderBiddingManager function| 4dm1r11545242527 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| disqus_config string| disqusForumShortname boolean| isPreview function| addAuSeg boolean| disqusEnable function| _typeof object| PARSELY function| clarity string| google_user_agent_client_hint object| lazySizesConfig object| lazySizes object| valnet_cookie function| valnet_sentinel function| valnet_menu function| LatestBrowseClip function| LazyList function| valnet_ads_refresher function| displayMailChimpStatus object| shareModule string| waypointContextKey function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI boolean| creativeVendorLibraryLoaded object| CK object| regeneratorRuntime object| __sv_forms object| u50jkP2 function| u50jkP3 object| xop object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| gaGlobal function| onYouTubeIframeAPIReady function| google_sa_impl object| googleToken object| googleIMState object| below the author object| sticky footer object| default object| first object| second object| After Poll object| footer object| below main pic object| character count repeatable #2 object| webVitals object| TtahtI2 function| TtahtI3 function| xblocker object| geqY3j function| geqY3d function| xblacklist object| ID5 object| gaData object| PublisherCommonId boolean| sekindoFlowingPlayerOn object| auvars boolean| __halo__loaded__ object| ats object| au object| admrlWpJsonP function| docReady object| autag object| au_seg string| z string| w object| bidder function| adsNinjaDynamicallyInjectAllAdZones undefined| notificationExitBtn undefined| notificationActivateBtn object| imgAdded function| makeSingleImageClickableOnLazyLoadedList function| makeGalleryImageClickableOnLazyLoadedList

131 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQrYLs44MwCgoIgQIQrYLs44MwCgoI4gEQrYLs44MwCgoI5gEQrYLs44MwCgoIhwIQrYLs44MwCgkICRCtguzjgzAKCQg6EK2C7OODMAoJCAsQrYLs44MwCgoIjAIQrYLs44MwCgkIXxCtguzjgzA=
www.androidpolice.com/ Name: viewType
Value: direct
.convertkit.com/ Name: __cf_bm
Value: hJxYHLLA3tPosAT.ievDM9htwbMLW49b3ZJyyY070a0-1650282133-0-AYcBEeEY17HMSRZ1Uppap59SD5Y1tzLJS4kwAvqacMLd+5KsGsBfm/EyFFk3smvZKTjOcxW/ydfkAEw7JHJIhJ9pr2c8M9THPA4DYl/WCnsU
.androidpolice.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.androidpolice.com/hackers-vlc-malware/%22%2C%22sref%22:%22%22%2C%22sts%22:1650282133204%2C%22slts%22:0}
.androidpolice.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b39c644982ffa3ee41c9c2e54bf83a4c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1650282133204}
.androidpolice.com/ Name: _ga_6Y5Q4PR4RC
Value: GS1.1.1650282133.1.0.1650282133.0
www.clarity.ms/ Name: CLID
Value: 038c93c558714b63b5e62613aac74c9a.20220418.20230418
.ad.gt/ Name: au_idmatch
Value: eyJhcG4iOiAxNjUwMjgyMTMzNDUyLCAidHRkIjogMTY1MDI4MjEzMzQ1MiwgInB1YiI6IDE2NTAyODIxMzM0NTIsICJhZHgiOiAxNjUwMjgyMTMzNDUyLCAiaGFsbyI6IDE2NTAyODIxMzM0NTIsICJnb28iOiAxNjUwMjgyMTMzNDUyLCAidGFib29sYSI6IDE2NTAyODIxMzM0NTIsICJhZG8iOiAxNjUwMjgyMTMzNDUyLCAidW5ydWx5IjogMTY1MDI4MjEzMzQ1MiwgImltcHIiOiAxNjUwMjgyMTMzNDUyLCAib3BlbngiOiAxNjUwMjgyMTMzNDUyLCAicnViIjogMTY1MDI4MjEzMzQ1MiwgIm1lZGlhbWF0aCI6IDE2NTAyODIxMzM0NTIsICJiZWVzIjogMTY1MDI4MjEzMzQ1MiwgInNtYXJ0IjogMTY1MDI4MjEzMzQ1MiwgInNvbiI6IDE2NTAyODIxMzM0NTIsICJwcG50IjogMTY1MDI4MjEzMzQ1Mn0=
.androidpolice.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.androidpolice.com/ Name: _ga
Value: GA1.2.2035479511.1650282133
.androidpolice.com/ Name: _gid
Value: GA1.2.2087370814.1650282134
.androidpolice.com/ Name: _gat
Value: 1
.3lift.com/ Name: tluid
Value: 3105513479825803323452
.casalemedia.com/ Name: CMID
Value: Yl1OlcpEajYsSWK-RgZzFQAA
.casalemedia.com/ Name: CMPS
Value: 3239
.androidpolice.com/ Name: _au_1d
Value: AU1D-0100-001650282134-319TPMV2-SQTW
.adnxs.com/ Name: uuid2
Value: 4715248548087402202
.androidpolice.com/ Name: _au_last_seen_apn
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_ttd
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_pub
Value: 1650282133963
.spotxchange.com/ Name: audience
Value: 973da4fc-bf0c-11ec-9721-130dfa940306
.androidpolice.com/ Name: _au_last_seen_adx
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_halo
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_goo
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_taboola
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_ado
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_unruly
Value: 1650282133963
.androidpolice.com/ Name: _au_last_seen_impr
Value: 1650282133963
.casalemedia.com/ Name: CMPRO
Value: 1198
.adsrvr.org/ Name: TDID
Value: 70a3bff5-cc2f-4dae-9bc8-fc7403c07a82
www.androidpolice.com/ Name: _lr_geo_location
Value: DE
.narrativ.com/ Name: uid_bam
Value: 1771976948801600283
.doubleclick.net/ Name: IDE
Value: AHWqTUmZwx_HTlPtYY5oXY_Chu1_v06WAoNQgSQuw68gICqdegC9pmKUE0hnnx_y9ZY
.creativecdn.com/ Name: u
Value: dnSlWSYeB2kbu01fL3Ax
.creativecdn.com/ Name: ts
Value: 1650282134
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
.tremorhub.com/ Name: tvid
Value: d16eda25062b4677acec3eeec7b5abb1
.androidpolice.com/ Name: _clck
Value: ekwgvg|1|f0q|0
.adscale.de/ Name: uu
Value: 5785142e97f84ebe972338a98d1e7445
.demdex.net/ Name: demdex
Value: 32049729715179536262208832275767558486
.androidpolice.com/ Name: _clsk
Value: xece4j|1650282134794|1|1|j.clarity.ms/collect
.ad.gt/ Name: last_seenadx
Value: 1650282134774
.ad.gt/ Name: au_id
Value: AU1D-0100-001650282134-319TPMV2-SQTW
.ad.gt/ Name: first_seenadx
Value: 1650282134774
.ad.gt/ Name: last_seeng_hosted
Value: 1650282134774
.ad.gt/ Name: g_hosted
Value:
.ad.gt/ Name: last_seenadnxs
Value: 1650282134775
.ad.gt/ Name: first_seenadnxs
Value: 1650282134775
.ad.gt/ Name: last_seentd
Value: 1650282134775
.ad.gt/ Name: first_seentd
Value: 1650282134775
.dpm.demdex.net/ Name: dpm
Value: 32049729715179536262208832275767558486
.360yield.com/ Name: tuuid
Value: ef0c3781-64bc-4666-8a9c-3d581c46f2ab
.360yield.com/ Name: tuuid_lu
Value: 1650282134
.androidpolice.com/ Name: _awl
Value: 2.1650282134.0.5-21f24c6f4267796f82cca9c03c263ce6-6763652d6575726f70652d7765737431-0
.androidpolice.com/ Name: _admrla
Value: 2.0-21f24c6f-4267-796f-82cc-a9c03c263ce6
.ibillboard.com/ Name: ibbid
Value: BBID-01-03249961349315755-16580088
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: dnSlWSYeB2kbu01fL3Ax
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.casalemedia.com/ Name: CMST
Value: Yl1OlWJdTpcA
.ad.gt/ Name: last_seenpbm
Value: 1650282134775
.ad.gt/ Name: first_seenpbm
Value: 1650282134775
.ad.gt/ Name: last_seenhaloid
Value: 1650282134868
.ad.gt/ Name: first_seenhaloid
Value: 1650282134868
.ad.gt/ Name: last_seenunruly
Value: 1650282134880
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6758373342836029210
.ad.gt/ Name: last_seenadb
Value: 1650282134989
.ad.gt/ Name: last_seenimprove
Value: 1650282135023
.console.adtarget.com.tr/ Name: vmuid
Value: 50047b0f429a1582
.console.adtarget.com.tr/ Name: a307565
Value: 5785142e97f84ebe972338a98d1e7445
.criteo.com/ Name: uid
Value: 00922ab3-f1c8-43b9-8ebd-90e79908dd49
.mathtag.com/ Name: uuid
Value: beee625d-4e97-4100-95e7-1885489c8389
.bing.com/ Name: MUID
Value: 10CD8A33DB2961B932E49BB9DAA26092
.yahoo.com/ Name: A3
Value: d=AQABBJdOXWICEMdOGMM5UvMunvI9LdwaPaIFEgEBAQGgXmJnYgAAAAAA_eMAAA&S=AQAAAhNMWLW_ThWgOAKkA3gWu6s
.adscale.de/ Name: cct
Value: 1650282136076
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1f3b350f-6fa8-424a-8193-d9c21c6788de"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTAyODIxMzY7MjswMjHkYrYRJz39OVkwXCjJw0EiOt1g7ZLZMFFj2HjEfHam4Q==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2701:u=1:x=1:i=1650282136:t=1650368536:v=2:sig=AQHvoPCtom6Du-HC2VyS9O-S_Ykl7Txe"
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1650282136294
.m6r.eu/ Name: id
Value: d600bf293ba0b5af9bd0a27e26e11b50
.ih.adscale.de/ Name: tu
Value: 4#359487332#48~d600bf293ba0b5af9bd0a27e26e11b50~458411~0~0#101~BBID-01-03249961349315755-16580088~458411~0~0#38~CAESEP1GwImkHDJOTG4RNvLPAMY~458411~0~0#39~beee625d-4e97-4100-95e7-1885489c8389~458411~0~0#40~00922ab3-f1c8-43b9-8ebd-90e79908dd49~458411~0~0#42~6758373342836029210~458411~0~0#75~4715248548087402202~458411~0~0#63~Yl1OlcpEajYsSWK-RgZzFQAA&1198~458411~0~0
.c.bing.com/ Name: SRM_B
Value: 10CD8A33DB2961B932E49BB9DAA26092
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 10CD8A33DB2961B932E49BB9DAA26092
.c.clarity.ms/ Name: ANONCHK
Value: 0
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiaupfc0M7QOhAFGAEgASgCMgsImrKaiefO0DoQBTgBWghwdWJtYXRpY2AC
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKICRaXLpmeE1YZ-xY1THJE&KRTB&16514-CAESEKICRaXLpmeE1YZ-xY1THJE&KRTB&23025-CAESEKICRaXLpmeE1YZ-xY1THJE
.pubmatic.com/ Name: PUBMDCID
Value: 3
.simpli.fi/ Name: suid
Value: 4D84A5CB41B3482DA421484DC210A486
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~24eb
.turn.com/ Name: uid
Value: 3875150088577712027
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yl1OmQAC3skqgQAZ
.bidr.io/ Name: bito
Value: AAC2pE7Eup0AADXoLfG1LA
.bidr.io/ Name: bitoIsSecure
Value: ok
.console.adtarget.com.tr/ Name: a307406
Value: ${UID}BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:beee625d-4e97-4100-95e7-1885489c8389&KRTB&16736-uid:beee625d-4e97-4100-95e7-1885489c8389&KRTB&23019-uid:beee625d-4e97-4100-95e7-1885489c8389&KRTB&23208-uid:beee625d-4e97-4100-95e7-1885489c8389
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3875150088577712027
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yl1OmQAC3skqgQAZ&KRTB&22978-Yl1OmQAC3skqgQAZ&KRTB&23194-Yl1OmQAC3skqgQAZ&KRTB&23209-Yl1OmQAC3skqgQAZ
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-70a3bff5-cc2f-4dae-9bc8-fc7403c07a82&KRTB&22918-70a3bff5-cc2f-4dae-9bc8-fc7403c07a82&KRTB&23031-70a3bff5-cc2f-4dae-9bc8-fc7403c07a82
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5157c509eec2c4d8
.pubmatic.com/ Name: SPugT
Value: 1650282138
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156595:4
.pubmatic.com/ Name: DPSync3
Value: 1650326400%3A174%7C1651449600%3A197_219_221_226_228_201%7C1650844800%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1651104000%3A63%7C1652832000%3A224%7C1651449600%3A8_239_178_99_7_165_55_166_71_234_222_231_48_56_240_13_176_57_21_220_204_189_22_3_96_233_54_5_104%7C1655424000%3A69%7C1650844800%3A223_15_38_2%7C1651536000%3A35
.acuityplatform.com/ Name: auid
Value: 663966108261
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQA8PMG+ImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUAPDzBviI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.quantserve.com/ Name: d
Value: EJIBCwH3JfijAA
.quantserve.com/ Name: mc
Value: 625d4e9b-1cb50-0f167-1d594
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-663966108261
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo&KRTB&19420-8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo&KRTB&22979-8pXeI_DC0iXplogl8ZfGd6KW3XDplo9y_ZM_6oCo
.fiftyt.com/ Name: fifid
Value: 41e0c50f-9f0a-4701-7c10-448be09323b3
.fiftyt.com/ Name: cs
Value: MTY1MDI4MjEzOXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHQwgLK9SwkdOnpMIuNc-onDFPzmqLkWHI9XIRq3LbhL
.onaudience.com/ Name: cookie
Value: b7794c3d848d3a50
.onaudience.com/ Name: done_redirects161
Value: 1
.fiftyt.com/ Name: fppm
Value: 20220418114219
.semasio.net/ Name: SEUNCY
Value: 530F2762EC32564C
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.agkn.com/ Name: ab
Value: 0001%3Ab5vveA1fWmtelcOFYalhjEOfdhwfOcCB
ads.playground.xyz/ Name: connect.sid
Value: s%3AKoE1dCmoPXCo9eUXznURhiDDclyBzPEU.%2FTXk%2FoV731eVFhxLJVX7Tunk73isgOtj%2BBgdncEten8
.tribalfusion.com/ Name: ANON_ID
Value: awnoeUyOZbSToJTyHtYcpDFOUY9RDToIaCXHRmXka
.onaudience.com/ Name: done_redirects219
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-535d6be2-b207-45a1-9d11-b38c02a319bb&KRTB&23340-535d6be2-b207-45a1-9d11-b38c02a319bb
.pubmatic.com/ Name: PugT
Value: 1650282139
.inmobi.com/ Name: idsp_c
Value: bb8b5a83-40bb-499c-88d9-f9c6a10abfe9

3 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=BFAA40BE-D1AA-46E2-85A2-07C77CAC50AD
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60687.publishers.tremorhub.com
a.ad.gt
a.tribalfusion.com
aa.agkn.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adscale-emea.adnxs.com
ampcid.google.com
ampcid.google.de
androidpolice.disqus.com
api.narrativ.com
app.convertkit.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bbnaut.ibillboard.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.parsely.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
creativecdn.com
csync.loopme.me
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
events.release.narrativ.com
f.convertkit.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.halo.ad.gt
ids.ad.gt
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.getadmiral.com
j.clarity.ms
js.adscale.de
live.primis.tech
loada.exelator.com
ls.skimresources.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
p.ad.gt
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixels.ad.gt
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.skimresources.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.skimresources.com
s.tribalfusion.com
scarfsmash.com
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.narrativ.com
static1.anpoimages.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.console.adtarget.com.tr
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
t.skimresources.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unpkg.com
ups.analytics.yahoo.com
video.primis.tech
visitor.fiftyt.com
www.androidpolice.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
simage4.pubmatic.com
104.102.28.254
104.36.113.23
104.45.178.220
104.89.31.187
108.138.3.177
13.248.245.213
13.32.99.122
13.33.146.8
139.162.23.100
142.250.185.130
146.59.148.16
15.254.18.59
151.101.193.44
151.101.194.49
151.139.128.11
154.59.122.79
169.197.150.7
169.50.137.182
173.231.180.197
178.250.0.163
18.156.195.47
18.158.238.206
18.200.96.173
18.209.251.242
18.66.100.58
18.66.248.54
185.184.8.90
185.33.220.100
185.33.221.13
185.64.189.110
185.86.137.133
185.94.180.124
185.94.180.125
198.148.27.139
199.232.196.134
20.85.30.134
2001:678:cb4:bbbb::11
204.237.133.116
204.237.133.121
204.237.133.247
209.54.176.128
212.115.110.216
213.19.147.45
216.200.232.249
216.58.212.130
23.205.235.133
23.35.236.247
23.75.246.168
23.88.75.188
2600:1f18:612b:4216:99f2:7ef8:5bca:944d
2600:9000:2240:8e00:1a:5235:f980:93a1
2600:9000:224a:3c00:f:4f64:8940:93a1
2600:9000:224a:ca00:8:48e:53c0:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:4485
2606:4700:3037::ac43:c1e6
2606:4700:4400::ac40:98f5
2606:4700::6810:7baf
2606:4700::6812:ba39
2606:4700::6812:c039
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2620:1ec:27::cafe:1425
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9c
2a02:fa8:8806:20::2040
2a04:4e42:600::300
2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.126.56.137
34.102.253.54
34.120.117.212
34.199.172.6
34.218.29.2
34.237.160.203
34.237.23.137
34.254.143.3
35.157.71.149
35.158.68.235
35.160.251.62
35.164.129.50
35.166.59.69
35.178.150.13
35.186.249.84
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.126
35.211.178.172
35.244.159.8
35.244.174.68
35.71.131.137
37.157.3.30
37.157.6.252
37.252.173.214
38.27.122.101
38.67.14.233
44.196.161.176
44.230.194.160
46.105.202.126
52.11.6.220
52.142.114.2
52.200.205.250
52.205.167.202
52.210.230.90
52.7.229.166
54.77.200.211
62.149.0.72
62.209.227.210
65.9.7.86
66.155.71.149
69.173.144.139
69.173.144.165
70.42.32.191
72.251.244.142
77.243.60.138
99.80.100.5
0177a18945f37ea98c8707bdc6f07b5a6e91b6affbfe0dd3cb2f3fbf4c93ef5a
0375b396ee741813158bda96fabc3295611b9ca67cd367aa31193cf80dacfe95
04d93ef7696242442ae678f3bf3b27d8ca0eadef3fb61fe07a55ab719b1b6a11
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05fde9258245fd1d1558ca071a747faedbd1a573c67e512d6b728cba8d6a37b8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077c8ecb8d6c0434c84a974bf662d9b37ab26e6f72dbf18da4628826e62eda7a
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f25eef1f15c5be98d251cc8b60a3cdaf0bb23672d313c8a62dd2037bbb7488e
0f4020071f4d6fbd6e07ddb16daf4859441c7454a0c733b019f7cb1adc8f4d49
139f4d813c9bd8563ac57d0ee50f9f6f1e53a4f4d1d42799fbe8b122887befad
152eb1c2a06a93f33680f266e08f17c955ec9752b388f91b64c3c5f152c9c818
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1d40f54cfc8d8edfd938608ca2eb84873935f28e1a8840ed61da9660fdb049c8
21ed56d48846d3272ed00c3539e637f2af9be7e81e2bf53c94d1a79c16bcbeeb
24c69f45f4ba1207f7123837a557d726a9aa513716e019ad8a2e6d1e16196c61
26a7e3dce40bfb944a2eb0b31156eefd8839acf898410b170ad0714330ae93b3
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
295941492338af0acc646044f4ad42adc96e631ae2bc38066d7cbbb79e6fd87b
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2c0950957ab0c3e5a6cd3f2150d5b4962745fb7f7b2ead2502e3b5620b4742e8
2d982a78b1da56ba84ff4f57aad9715cef56b27e56f4ed18f5b831a0f4d7d2e6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f65b37814d674a38e2813bcb3fd9590d449087dfb30420deec70327fef7d1cc
30e318a544b3917c5774863f478d299950104625a03083304d113d8fbc9782e4
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
46e15ddd3f3583786961d72eb1a81b34bc9dad89240a461dcf02b43c6aa9e9c7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b1d68c1355521ddd3ea76c5262e86a68c64d75b80fb08ddfa345860384076f8
4b3f9cfb0906d42c830920a7a3421e88209843ed315abea5069b32ccd2b23a1c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb2542d055c2aca6bea060656b8d3da6027dad7eb537bdcde68ec92bb8f5d9f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
525dd6155dfa9448674459e3a41bfa9cd960fc9b09bc616c2bd6e4a17dbcd205
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
585ba2e57fc8fcc73e0fb77c7a0b8a11bac98f17c9233d5ecfe5b59bc5d88ddf
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d71ecd87c2e843db272b3856943421246393a558225db7f01988b2cb2ff21d2
5fe8be00c6d7dba33728140224d2673a2f327e177632e401febf0d8999fde0d4
6053fc53889afb7eb32e9d8210687ef9828f294cfeb7ee74a8a05d60f7678cae
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61dfa117e6e1bf3bf5d9f7fbc83a79d63cee9b4dbf42eb27f3a63fedf1dcf811
624d529e0da6719af2df6d25615df0c3a7b2dd28c015a731dd0341f0600c5d12
6378f6326c6b8ed5ba7c9dd71718f4acfab15effd24a9c83974e4e8ea473879e
64a9045f1d510f2867f2ad8803096326fc95035508e103b7a15127cd39211423
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a0802795c78fd281b89bd758c8c428b1b0db0561297f8b0742ba974da7e25a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aee4842dfff50c721dfbea2782bd5d6a3070f0cd192f75f9441178bf957639d
6e25a93c3c2ea981ac2735588e1136b7b8f41922108e9f6ca754ca7951eec700
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
71ac5b3b22b51b8819b5a128be8a44b5b50d23bca8830626a62c97c72be1c34d
726b2d9ab6da86c3ac5e3fd266d5521d9845729b10ff3d8373cd5e03883aead1
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ea26c2e155afa821d8a157303a6dc302c9d1740b36ae5313f0ece87a60c1e8f
80ff0aa15cda923f4d60bc9ab46edd62b35183c86beb9ad041db2499fac2fd1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b025d662daffd60182ba7a8c9e02a5ce11a2377512196ee55a1148e2da83269
8b0d1446f412484a2a7d1abb46ddc5de128d8aaf11b1fe04ac729ee4830c5e5b
8c1fc11142d7e1d34065775edaf174ca032b3d84b61c33d8b64780bb2bd4874d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dad17c7c62057440ce13ba42120968005b66d0d7125df6b3086e8588fded21e
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f6da7d312a4010d5fa2041a43dece31b4b1f259816f145e50f665a8c1b97ea9
9115bbf3b3dee88764e74ecdf31c2234ece91aa42a596a1d3ba11925662777ba
9130bafafbeee56d02271fdd5a7db6f2e15e839f8b64faad15a08610a93d7119
926952e0833e0acb9dd02fdbbe59bb8be77f8e7571aaedc900649b9513500e8b
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3b4da04d3eeab954867ddea8cb801f1631acd26fb7366e88e9aa287cfc3ed9
9e9369b1246a6b2dcc7768899b1887d3b16991218f3732a629db9f55d6d78faa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b07e89620200dd72bf464590ae089924352fc1ee9bba7f49ab12be0544164ef5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b4c9cd2be6160d785f4bca5a74ad9639a12aa2c389e27df36035aba94b3ec030
b7b7fb37ec681a6a1bd507ce80613c7343fb3b394b29e21e7b11d6a6df933f68
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be4f0cfc0c5e422805343aec04ef79f2e6d508aae6bb479ca530cd017cdd56dc
beb2002de39879be2ffdf83ea49dbafb70ea95e1d657fab132a2f57af16c268e
c16fe63d5e6c3d1acc9b2aedec440d98db4ebd7ea1bdfe9f26aab74e7be91a7e
c2f1e02e54fe66adc0d5f1f06048c30bb7cdf2645b7e0fc48c881923868f5f27
c5d5e7f685c3bb91e84b94b6738310b8e2de4056b4668c42131ec64b3f014e40
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c8451e01520e25fbd129deec5a20dc3bc728c176d50923c05c881f0108159d59
c8f2eaaf7e08f9de84042ef292ac32a702babdf1dd4bbd1fd0c138e719b819b4
c9c969c534018935993ccb32e0057bb637ba4898ed5784b8a86302961e3f0e99
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cecbfb8e56a3971faa9cb5f4abb89d53e8768cda12a332dfcb703797c4247dd5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26722e46b6160f5002ed50941243b07040e2b9b84481688c7256d4fb742684d
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6
d81828cb6797941c791685fd1e4a02ef73bf5f00eb7c1f66ef772315094cbae8
da9e900aa63bbc307d83bbcf54156decdde8edebdd4565ef5b6957a226376150
daac16a8dcbf772343d560088f23516e8235ab8c3450cae85cc1c61ad4aa6db2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df94dedfee1939b1fb1105b732e39680167d42447e22be8003611b8d5e7f45c6
e0f4b0f8b103d29e14533126ae15d0e0b0e8ef77177ee98da56c58b9fbd07769
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
e8fd802ce5042d308a2d650c3db8f60b2bd3b884f34d6ceabe0631a3a9e226f5
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ffeed0ceb0e14dfa1f0bd0fa79520b976f0ef6644190e09a2a1520feb76322
f50f06ac57aa3db04b5928db1c838b00f200b57f7f80c2e54963edfe918ed196
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6