www.gadgetsnow.com Open in urlscan Pro
2a02:26f0:6c00:1bb::3126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW...
Effective URL:
https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/8365742...
Submission: On June 20 via api (June 20th 2021, 12:45:54 am UTC) from SG

Summary HTTP 297 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 39 domains to perform 297 HTTP transactions. The main IP is 2a02:26f0:6c00:1bb::3126, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.gadgetsnow.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 23rd 2021. Valid for: a year.

This is the only time www.gadgetsnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
20	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::3126	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
17	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
12	2a02:26f0:64:... 2a02:26f0:64::214:84c1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:193::216f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:64:... 2a02:26f0:64::214:84d2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a02:26f0:6c0... 2a02:26f0:6c00:1ab::216f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2a5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 3	65.9.77.30 65.9.77.30	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:710... 2a02:26f0:7100:290::2a5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:292::3857	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	35.156.10.121 35.156.10.121	16509 (AMAZON-02) (AMAZON-02)
14	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	65.9.77.25 65.9.77.25	16509 (AMAZON-02) (AMAZON-02)
4 42	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
8 15	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
7	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
3 3	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
10 13	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4 8	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
8 8	18.193.131.224 18.193.131.224	16509 (AMAZON-02) (AMAZON-02)
12 12	35.157.221.90 35.157.221.90	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
18 18	52.209.246.140 52.209.246.140	16509 (AMAZON-02) (AMAZON-02)
4 4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
4	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	52.17.35.107 52.17.35.107	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
6 11	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:199::3621	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
297	46

2 2606:2c40::c73c:6702 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:26f0:6c00:1bb::3126 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.gadgetsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:64::214:84c1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:193::216f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

geoapi.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:64::214:84d2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:6c00:1ab::216f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.toiimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::2a5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

toiassets.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.77.30 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100:290::2a5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.growthrx.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.growthrx.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:292::3857 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

agi-static.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.156.10.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.77.25 (United States)

ASN16509 (AMAZON-02, US)

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

timesinternet-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.252.173.27 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.135.234 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.23 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.212.130 (Mountain View, United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.193.131.224 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-131-224.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.157.221.90 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.209.246.140 (Dublin, Ireland) 18 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-246-140.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.139 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.35.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-35-107.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:199::3621 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jssocdn.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

jsso.indiatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	613 KB
50	openx.net 8 redirects timesinternet-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	14 KB
39	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	246 KB
20	ampproject.org cdn.ampproject.org	399 KB
20	gadgetsnow.com www.gadgetsnow.com	287 KB
18	bidr.io 18 redirects match.prod.bidr.io	9 KB
15	adnxs.com 8 redirects ib.adnxs.com	12 KB
15	criteo.com bidder.criteo.com gum.criteo.com	4 KB
14	google.com 6 redirects adservice.google.com www.google.com	1 KB
14	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	6 KB
14	clmbtech.com static.clmbtech.com ade.clmbtech.com	308 KB
13	toiimg.com static.toiimg.com	152 KB
12	bidswitch.net 12 redirects x.bidswitch.net	5 KB
9	indiatimes.com geoapi.indiatimes.com toiassets.indiatimes.com agi-static.indiatimes.com jssocdn.indiatimes.com jsso.indiatimes.com	96 KB
8	w55c.net 8 redirects pm.w55c.net	6 KB
7	undertone.com hb.undertone.com	3 KB
7	emxdgt.com hb.emxdgt.com	1 KB
6	adform.net 6 redirects c1.adform.net	3 KB
4	googletagservices.com www.googletagservices.com	139 KB
4	smartadserver.com rtb-csync.smartadserver.com	652 B
4	pubmatic.com 4 redirects image2.pubmatic.com	1 KB
4	yahoo.com pr-bh.ybp.yahoo.com	2 KB
4	google.de adservice.google.de www.google.de	516 B
4	adsrvr.org match.adsrvr.org	1 KB
4	google-analytics.com www.google-analytics.com	58 KB
3	contextweb.com 3 redirects bh.contextweb.com	1 KB
3	quantserve.com 3 redirects pixel.quantserve.com	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	growthrx.in static.growthrx.in api.growthrx.in	11 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	28 KB
2	scoota.co 2 redirects r.scoota.co	1 KB
2	admedo.com 2 redirects pool.admedo.com	715 B
2	recordedfuture.com 1 redirects go.recordedfuture.com	4 KB
1	googleapis.com fonts.googleapis.com	662 B
1	nrich.ai 1 redirects dsp.nrich.ai	486 B
1	clientgear.com 1 redirects event.clientgear.com	260 B
1	criteo.net static.criteo.net	38 KB
1	indexww.com js-sec.indexww.com	36 KB
297	39

	Domain	Requested by
48	tpc.googlesyndication.com	www.gadgetsnow.com securepubads.g.doubleclick.net cdn.ampproject.org go.recordedfuture.com 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com tpc.googlesyndication.com
21	eu-u.openx.net	js-sec.indexww.com eu-u.openx.net
20	cdn.ampproject.org	securepubads.g.doubleclick.net
20	www.gadgetsnow.com	go.recordedfuture.com www.gadgetsnow.com
18	match.prod.bidr.io	18 redirects
17	securepubads.g.doubleclick.net	www.gadgetsnow.com securepubads.g.doubleclick.net go.recordedfuture.com
15	ib.adnxs.com	8 redirects js-sec.indexww.com
14	bidder.criteo.com	static.criteo.net
13	cm.g.doubleclick.net	10 redirects eu-u.openx.net
13	static.toiimg.com	www.gadgetsnow.com
12	x.bidswitch.net	12 redirects
12	static.clmbtech.com	www.gadgetsnow.com
11	www.google.com	6 redirects www.gadgetsnow.com 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com tpc.googlesyndication.com
11	timesinternet-d.openx.net	4 redirects www.gadgetsnow.com js-sec.indexww.com
10	us-u.openx.net	eu-u.openx.net
8	googleads.g.doubleclick.net	www.gadgetsnow.com 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
8	pm.w55c.net	8 redirects
8	rtb.openx.net	4 redirects eu-u.openx.net
7	as-sec.casalemedia.com	js-sec.indexww.com
7	htlb.casalemedia.com	js-sec.indexww.com
7	hb.undertone.com	js-sec.indexww.com
7	hb.emxdgt.com	js-sec.indexww.com
6	c1.adform.net	6 redirects
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
4	rtb-csync.smartadserver.com	eu-u.openx.net
4	image2.pubmatic.com	4 redirects
4	pr-bh.ybp.yahoo.com	eu-u.openx.net
4	7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	match.adsrvr.org	js-sec.indexww.com eu-u.openx.net
4	toiassets.indiatimes.com	www.gadgetsnow.com
4	www.google-analytics.com	www.gadgetsnow.com www.google-analytics.com
3	bh.contextweb.com	3 redirects
3	pixel.quantserve.com	3 redirects
3	sync.mathtag.com	3 redirects
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects www.gadgetsnow.com
2	api.growthrx.in	static.growthrx.in
2	jsso.indiatimes.com	jssocdn.indiatimes.com
2	r.scoota.co	2 redirects
2	pool.admedo.com	2 redirects
2	ade.clmbtech.com	www.gadgetsnow.com static.clmbtech.com
2	go.recordedfuture.com	1 redirects
1	jssocdn.indiatimes.com	www.gadgetsnow.com
1	gum.criteo.com	static.criteo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	www.gstatic.com	7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
1	www.google.de	www.gadgetsnow.com
1	dsp.nrich.ai	1 redirects
1	event.clientgear.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	agi-static.indiatimes.com	www.gadgetsnow.com
1	static.growthrx.in	www.gadgetsnow.com
1	static.criteo.net	js-sec.indexww.com
1	geoapi.indiatimes.com	www.gadgetsnow.com
1	js-sec.indexww.com	www.gadgetsnow.com
297	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
shop.gadgetsnow.com
timesofindia.indiatimes.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
mmnotification.indiatimes.com DigiCert SHA2 Secure Server CA	`2021-04-23` - `2022-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
colombiaonline.com R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
videoplayer.indiatimes.com DigiCert Secure Site ECC CA-1	`2020-07-08` - `2021-09-22`	a year	crt.sh
data.indiatimes.com DigiCert SHA2 Secure Server CA	`2021-06-16` - `2022-06-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
samayam.indiatimes.com DigiCert SHA2 Secure Server CA	`2021-06-03` - `2022-06-07`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.undertone.com Amazon	`2020-11-03` - `2021-12-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
indiatimes.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
jsso.indiatimes.com Thawte RSA CA 2018	`2020-01-17` - `2022-01-16`	2 years	crt.sh

This page contains 23 frames:

Primary Page: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Frame ID: 5958863CD9F7FB53862C841A62662C6E
Requests: 136 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: 47F871E0FA115EF6F22172A173C8250E
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: E1577FE4CB48EF066C45A8736E1F0C34
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: 49255D71BBE5A0B3267A496215EA7EF5
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: 451E46B696E8686F5BD507601CF570C3
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: CBE7616193D823CBFA799CD34AC30DF3
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: 07A7A0158DD334275C03A7343B1D1B5D
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Frame ID: 579095B938661A27F718117FDE484652
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs
Frame ID: F93C5AB95BFC6A8ECB159E689E67AECE
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: F7B99CB3FE40AE168B7CE9DD7EA4BF49
Requests: 15 HTTP requests in this frame

Frame: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA09DE13473874321AF9C4374DA3F202
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: DDFF2EDA4AC90A9FFBC309036255DDEE
Requests: 14 HTTP requests in this frame

Frame: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 02BA35B8C2C5EF90D9BD585F0C89AF35
Requests: 12 HTTP requests in this frame

Frame: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5334772F2E26548D2E79F1C56887A75E
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs
Frame ID: C75A6EFABB643AFE14B8A43C2628EBE4
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Frame ID: A7754F0D1E497498E50D4EF4D6471B37
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2FC99968A1CCE96AA64F283E6B63978C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html
Frame ID: 81FC903BE9FA6E47914E498639D325A8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BA0F8B1DDEF8AE47865E788BCDA867BA
Requests: 2 HTTP requests in this frame

Frame: https://static.clmbtech.com/ctn/74721/images/19/8a6031802eab3d8c3808311c0fbfe12c_1623931416960_0.webp
Frame ID: 75D40AC413D55A0793F140C2C701FCBD
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gadgetsnow.com
Frame ID: CB13643E3B74105D96889A3562BA07C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 717C672505EC920E868B0C0F671BC72B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35D1A584570157FD0CCB7B9293CF50A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5... HTTP 307
https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-ap... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

297
Requests

100 %
HTTPS

58 %
IPv6

39
Domains

58
Subdomains

46
IPs

7
Countries

2453 kB
Transfer

6099 kB
Size

14
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GadgetsNow

Search URL Search Domain Scan URL

URL: https://twitter.com/gadgetsnow

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gadgetsnow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4Gez3KnLoxurTz5W3U6SuA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gadgets_now/

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/smartphones/
Title: SMART PHONES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/best-selling-smartphones/
Title: BEST SELLING SMARTPHONES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/trending-4g-phones/
Title: TRENDING 4G PHONES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/new-releases/
Title: NEW RELEASES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/feature-phones/
Title: FEATURE PHONES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/also-in-stores/
Title: ALSO IN STORES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/accessories/
Title: MOBILE ACCESSORIES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/tablets/
Title: TABLETS

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/refurbished-mobiles/
Title: REFURBISHED MOBILES

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/wallet-offers
Title: WALLET OFFERS

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/best-mobiles-deal-of-the-day
Title: DEAL OF THE DAY

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/mobile-offers
Title: MOBILE OFFERS

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/computer-laptop/
Title: LAPTOPS

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/ac
Title: AIR CONDITIONERS

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/televisions
Title: TELEVISIONS

Search URL Search Domain Scan URL

URL: https://shop.gadgetsnow.com/refrigerators/
Title: REFRIGERATORS

Search URL Search Domain Scan URL

URL: https://timesofindia.indiatimes.com/
Title: The Times of India

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1?_ud=48da96dc-5d81-4f9b-b138-31bdde5c580a&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://sb.scorecardresearch.com/b?c1=2&c2=6036484&cs_ucfr=0&ns__t=1624149934414&ns_c=UTF-8&cv=3.5&c8=Joker%20%27virus%27%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20apps%20%7C%20Gadgets%20Now&c7=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&cs_ucfr=0&ns__t=1624149934414&ns_c=UTF-8&cv=3.5&c8=Joker%20%27virus%27%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20apps%20%7C%20Gadgets%20Now&c7=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&c9=

Request Chain 45

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864558&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._d9LCJDAD&cache=1624149934439&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39 HTTP 302
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864558&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._d9LCJDAD&cache=1624149934439&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39

Request Chain 53

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Nf5SORqh&cache=1624149934453&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39 HTTP 302
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Nf5SORqh&cache=1624149934453&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39

Request Chain 59

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._oWvjlZDv&cache=1624149934458&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39 HTTP 302
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._oWvjlZDv&cache=1624149934458&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39

Request Chain 63

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bghZxkJe&cache=1624149934463&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39 HTTP 302
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bghZxkJe&cache=1624149934463&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39

Request Chain 110

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=547860ce-8fae-4e00-a916-2e4766bade15

Request Chain 111

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UPX5Tl6j-05Lp6sbXvG3Hl6h_0pL_K0eBfCzopBw

Request Chain 112

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6754029531391018357

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKCkRf78fjeWgOgiOnwP30Y&google_cver=1

Request Chain 116

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e9f60ce-8fae-4600-9611-d3797eb8e7d5

Request Chain 117

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=AFHH5Q4HxeUbA5WzU1iJ4lVTxrYbWcXlVwQOnXDz

Request Chain 118

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4597998246119038020

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFS1oRy8t4hrhRHRS6Oy_7k&google_cver=1

Request Chain 122

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=884d60ce-8fae-4e00-9cff-94134c055785

Request Chain 123

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VjCGCVhmhAlNYtddUzXIDlA01VlNOYFeBGU3unbr

Request Chain 124

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=829054164514373065

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIsWCdlK4ttXHjh4Z0XUYsg&google_cver=1

Request Chain 128

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 130

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8FyTPI4R1LULAH5

Request Chain 131

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9d66445c-5b28-43e0-8074-41ddb7933131&user_group=1&ssp=openx&bsw_param=4ff0d2e0-f68d-4a3b-9821-28f911f36f30 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

Request Chain 132

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

Request Chain 133

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVGRFN0JuUjhBQURmYldyYmRNZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeyU7BnR8AADZsqR50sQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABeyU7BnR8AADZsqR50sQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 134

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 136

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=crqM90XC1LULAH5

Request Chain 137

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=16a773ca-dd16-4dba-8415-b9244030df3f&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

Request Chain 138

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

Request Chain 139

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVGRVN0JuUjhBQURmYldyYmRNZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeyU7BnR8AADZsqR50sQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABeyU7BnR8AADZsqR50sQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 140

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 142

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RKmJNtN61LULAH5

Request Chain 143

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk9bf0cbd9-e436-4622-914f-544dca3ccbff&expires=7&user_group=5&ssp=openx&bsw_param=4ff0d2e0-f68d-4a3b-9821-28f911f36f30 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

Request Chain 144

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

Request Chain 145

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZXlVN0JuUjhBQURac3FSNTBzUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 146

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 148

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=sc6yLorv1LULAH5

Request Chain 149

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=b00a967f-43ea-4ff4-a942-36d3ad285e16&expires=1&user_group=5&ssp=openx&bsw_param=4ff0d2e0-f68d-4a3b-9821-28f911f36f30 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

Request Chain 150

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

Request Chain 151

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeyU7BnR8AADZsqR50sQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=2&ev=AABeyU7BnR8AADZsqR50sQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 190

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 222

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 243

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 256

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

297 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMj... Show response
go.recordedfuture.com/e2t/tc/ 10 KB
3 KB 95ms
61ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a2ee44f4c97741eb4e4e146e5693a127e82d6bda3449c30f6aa76755a82877

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:33 GMT
content-type: text/html;charset=utf-8
cf-ray: 6620f99bfb832bf6-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0ac87a557a00002bf6200e1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 08576f0f-3c77-4eab-9a9d-9f68c54e2258
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aaXyt5wNLhJ1%2Be8sPu7ncocPAnhMb0ikFfksNmb9JrE%2Fpf7VfgWisgMDjqSa0%2BfRGgu%2BY9yUMFMJUT427Pe8RDg%2FoTSocbBeLypnxf229aSYrnepNQULxtfJ0VekgI%2BV6a59bF3rRqScc36KDaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=28a1f2bbd91473eb36580ef5c1a1b61f7d9b5af0-1624149933; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request 83657428.cms Show response
www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2...
https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6Et...

168 KB
35 KB

226ms
123ms

Document
text/html

2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

96f263aa48bae522229135546429df533ae8e81e5991e145b7ac4254a6be4841

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:method: GET
:authority: www.gadgetsnow.com
:scheme: https
:path: /slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1

Response headers

server: nginx
content-type: text/html; charset=utf-8
etag: W/"29eba-VF7skicf2fmM1C3Pqd6z2iv39Dw"
vary: Accept-Encoding
content-encoding: gzip
content-length: 35214
expires: Sun, 20 Jun 2021 00:45:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 20 Jun 2021 00:45:33 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
strict-transport-security: max-age=86400

Redirect headers

date: Sun, 20 Jun 2021 00:45:33 GMT
location: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
cf-ray: 6620f99c7c0d2bf6-FRA
link: <https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0ac87a55ca00002bf6c9224000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 70905683-b0e6-488e-a86d-06c66feaed80
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2pB63vlhsRrnCEcQO91x6HVWBOlK%2BQNQJhkGJrkLKGfTwMOo9pWxeCfsGRFRJ3tlnz47xv6Br46aAy%2BRyYIltImSoBtHYWrY6HsH9M3HIEkNkbo%2FJ%2Fun7X%2BGVDiK5RUMlxlRT0Pvfjcao3%2B3vUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1253
date: Sun, 20 Jun 2021 00:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 20 Jun 2021 02:24:40 GMT

GET
H/1.1 200
OK 193119-87363260256000.js Show response
js-sec.indexww.com/ht/p/ 121 KB
36 KB 72ms
30ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 957a350dbc16b9aab51e0b7f7238eb63c2886ae0aec8995172df99cd55248f0d

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 00:45:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 20 Jun 2021 00:36:52 GMT
Server: Apache
ETag: "da4d10-1e515-5c527c0c654f3"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3121
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 36103
Expires: Sun, 20 Jun 2021 01:37:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
22 KB 49ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2c8289dbe1f262e60bd56c53cd3f905b2b6527e0dfa017e612663f6e4ef76d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "907 / 373 of 1000 / last-modified: 1624054181"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21708
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:33 GMT

GET
H2 200 colombia_v11.js Show response
static.clmbtech.com/ad/commons/js/2658/ 60 KB
17 KB 30ms
6ms Script
application/javascript 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.clmbtech.com/ad/commons/js/2658/colombia_v11.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

ae6e2d22cdc191bfde8a40e3cc261fb4064011eb0bb4815064929469c9b43142

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "eea2-5bece3f4d18b7-gzip"
vary: Accept-Encoding
content-length: 17282
last-modified: Wed, 31 Mar 2021 05:18:38 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:33 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 21 Jun 2021 00:45:33 GMT

GET
H/1.1 200
OK / Show response
geoapi.indiatimes.com/ 92 B
411 B 53ms
8ms Script
text/html 2a02:26f0:6c00:193::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://geoapi.indiatimes.com/?cb=1
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:193::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 816c1eebe720fccc09d76d4f239838516a1c65831c00af3586a59ed253239119

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:33 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Edgescape-API: geo_region=85,country_code=DE,region_code=HE,city=FRANKFURT, continent=EU
Content-Length: 92
Expires: Sun, 20 Jun 2021 00:45:33 GMT

GET
H2 200 var=_ccaud Show response
ade.clmbtech.com/cde/ae/2658/ 425 B
738 B 160ms
136ms Script
application/javascript 2a02:26f0:64::214:84d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ade.clmbtech.com/cde/ae/2658/var=_ccaud?_u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bcd32d026525fd11f6e6cbdbd3b7c7f6f85655eda2d368cc4a6d5d030fd1749b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
vary: Origin
server: nginx
date: Sun, 20 Jun 2021 00:45:34 GMT
x-frame-options: sameorigin
access-control-allow-methods: POST, GET
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 425
x-xss-protection: 1; mode=block

GET
H2 200 79512580.cms
static.toiimg.com/photo/ 5 KB
2 KB 24ms
6ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/79512580.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2bf9a5b8883eafc3205d36687ebfaa7dcd90acb6119540c76015114d8e0c3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 4704
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=25473565
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=79512580.svg
appgn: 17224805701231618007376771
content-length: 1791
x-xss-protection: 1; mode=block, 1; mode=block
expires: Sun, 10 Apr 2022 20:44:58 GMT

GET
H2 200 79837759.cms
static.toiimg.com/photo/ 2 KB
1 KB 25ms
7ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/79837759.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f5e7579319c1019f19752e7f9d855307d3bef02ec7b57e7b1b0bc549ea697b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: 2215
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=16280273
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=79837759.svg
appgn: 17229642801231609164453920
content-length: 1007
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 11:03:26 GMT

GET
H2 200 79512578.cms
static.toiimg.com/photo/ 11 KB
4 KB 32ms
14ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/79512578.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fcd62eee1df598b504601fe6635c969e534ee8b37665f31e26cda30a9f0b7532

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 10834
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=17234213
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=79512578.svg
appgn: 172248023301231609326639168
content-length: 3661
x-xss-protection: 1; mode=block, 1; mode=block
expires: Wed, 05 Jan 2022 12:02:26 GMT

GET
H2 200 74097323.cms
static.toiimg.com/photo/ 44 KB
45 KB 24ms
8ms Image
image/webp 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/74097323.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f2b44004f887b842b12ea54876b75b5f8d06ce31745fe245b4caffe6b2df73fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
x-content-type-options: nosniff
server: nginx
etag: 26272
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=10270773
date: Sun, 20 Jun 2021 00:45:33 GMT
appgn: 17229642701231603130239555
content-length: 45420
x-xss-protection: 1; mode=block
expires: Sat, 16 Oct 2021 21:45:06 GMT

GET
H2 200 81245133.cms
static.toiimg.com/photo/ 51 KB
20 KB 30ms
15ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/81245133.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

18e45783d358f056926deccd0f793803ce1da8f73ef04b17637ba6d7f7f4a160

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 52423
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=25180665
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=81245133.svg
appgn: 172248015101231618226580077
content-length: 20335
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 07 Apr 2022 11:23:18 GMT

GET
H2 200 76848790.cms
static.toiimg.com/photo/ 4 KB
2 KB 12ms
6ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/76848790.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

860f4c80a9fc666221a2ae804ccf758683a1318f25a580281587ce70c1f59c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 3585
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=25473558
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=76848790.svg
appgn: 17229642701231618389973848
content-length: 1718
x-xss-protection: 1; mode=block, 1; mode=block
expires: Sun, 10 Apr 2022 20:44:51 GMT

GET
H2 200 79512587.cms
static.toiimg.com/photo/ 17 KB
8 KB 14ms
8ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/79512587.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5e768c0b00ea9f81b1effbd05369928647dad333e67f7d9c9eacbfce05e46009

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: 17795
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=16280413
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=79512587.svg
appgn: 17224806801231609313762804
content-length: 8329
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 11:05:46 GMT

GET
H2 200 71149155.cms
static.toiimg.com/photo/ 1 KB
930 B 13ms
7ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/71149155.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

de4b846f289a63be3f3310afd5bc823396b1ece130838e5e36c8e74cae55b369

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 1170
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=25473756
date: Sun, 20 Jun 2021 00:45:33 GMT
content-disposition: inline; filename=71149155.svg
appgn: 172296412101231618065944382
content-length: 559
x-xss-protection: 1; mode=block, 1; mode=block
expires: Sun, 10 Apr 2022 20:48:09 GMT

GET
H2 200 montserrat-v14-latin-regular.woff2
toiassets.indiatimes.com/fonts/ 19 KB
19 KB 31ms
6ms Font
font/woff2 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toiassets.indiatimes.com/fonts/montserrat-v14-latin-regular.woff2
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Request headers

Origin: https://www.gadgetsnow.com
Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: D5E3A5A7808C1744
content-length: 19200
x-amz-id-2: sItR6dEvUD34PDtqdxj+9c7cc/hXeo1FTmP6G0ZOLwUvh1DBt2dPoMsUfOa1KDyOtn2X76pyTXw=
last-modified: Wed, 09 Oct 2019 11:04:00 GMT
server: AmazonS3
etag: "09bb3295bb4c7cb2f997cb08840c1e10"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 20 Jul 2021 00:45:33 GMT

GET
H2 200 montserrat-v14-latin-500.woff2
toiassets.indiatimes.com/fonts/ 19 KB
19 KB 31ms
7ms Font
font/woff2 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toiassets.indiatimes.com/fonts/montserrat-v14-latin-500.woff2
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Request headers

Origin: https://www.gadgetsnow.com
Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9D45519A65083764
content-length: 19300
x-amz-id-2: 9Ds/q1QGpVdlHlXVPus31h6Toi2j70FTK+8trvJeTQuZUeoqEyXmWD1luG2gs2lIMKo/BIY967s=
last-modified: Wed, 09 Oct 2019 11:04:00 GMT
server: AmazonS3
etag: "7e1c2992dbd240e02baf04fa3398c3a1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 20 Jul 2021 00:45:33 GMT

GET
H2 200 montserrat-v14-latin-700.woff2
toiassets.indiatimes.com/fonts/ 19 KB
19 KB 35ms
12ms Font
font/woff2 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toiassets.indiatimes.com/fonts/montserrat-v14-latin-700.woff2
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Request headers

Origin: https://www.gadgetsnow.com
Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 02B6C6C4C7FAFF4E
content-length: 19508
x-amz-id-2: PNqmGP1PYFKb+NcNos9nA68aiQHT+kT6w7BQ2gMeytoICEmXJk1I8/gvYpCx1RL6c9KdpzXOE+A=
last-modified: Wed, 09 Oct 2019 11:04:00 GMT
server: AmazonS3
etag: "d80e500c5ef8e877664ee4baf632a363"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 20 Jul 2021 00:45:33 GMT

GET
H2 200 montserrat-v14-latin-600.woff2
toiassets.indiatimes.com/fonts/ 19 KB
19 KB 35ms
13ms Font
font/woff2 2a02:26f0:6c00:28a::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toiassets.indiatimes.com/fonts/montserrat-v14-latin-600.woff2
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Request headers

Origin: https://www.gadgetsnow.com
Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 618F5D501F3E6E6A
content-length: 19292
x-amz-id-2: sVajUXneux98zAlx9bCFvDTK7rfjeU8gsdilquQLgTh0T1OMJrggx/7Tf57wOsN1fNJspRSteWY=
last-modified: Wed, 09 Oct 2019 11:03:59 GMT
server: AmazonS3
etag: "ea72f112cb0c18811d405d0c249ccec4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 20 Jul 2021 00:45:33 GMT

GET
H2 200 bootstrap.7ea5dfd9.js Show response
www.gadgetsnow.com/gnassets/ 10 KB
4 KB 10ms
8ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/bootstrap.7ea5dfd9.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1882298b946e3fc54f194fcee9eb919b48565b41db5a60bb9334b1d44c469144

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/bootstrap.7ea5dfd9.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 3808
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402200
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:35:34 GMT

GET
H2 200 vendors.c635b01c.chunk.js Show response
www.gadgetsnow.com/gnassets/ 300 KB
88 KB 13ms
11ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6c29a79406d965fdece620d1039834481a5f7346d722f592cc97d414505191af

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/vendors.c635b01c.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: br
last-modified: Thu, 10 Jun 2021 09:37:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=30754298
access-control-allow-credentials: false
strict-transport-security: max-age=86400
access-control-allow-headers: *
content-length: 89750
expires: Fri, 10 Jun 2022 23:37:12 GMT

GET
H2 200 client.59b97e3a.chunk.js Show response
www.gadgetsnow.com/gnassets/ 60 KB
17 KB 19ms
17ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/client.59b97e3a.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c666ce1a6c36a90661b63166f90a7f9b68ca763d54feabeee914f2d4c443a4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/client.59b97e3a.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 16966
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402460
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:39:54 GMT

GET
H2 200 vendors~articleshow_desktop~articleshow_desktop-ArticleShow~comparelanding_desktop~comparelanding_de~6de7e524.9df4317c.chunk.js Show response
www.gadgetsnow.com/gnassets/ 57 KB
15 KB 19ms
18ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/vendors~articleshow_desktop~articleshow_desktop-ArticleShow~comparelanding_desktop~comparelanding_de~6de7e524.9df4317c.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1019d4536ff56f5984458a45ec1dd3fe32d83ec5cecb8ce9b0c675fed7330b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/vendors~articleshow_desktop~articleshow_desktop-ArticleShow~comparelanding_desktop~comparelanding_de~6de7e524.9df4317c.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 14782
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402497
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:40:31 GMT

GET
H2 200 vendors~articleshow_desktop~comparelanding_desktop~compareshow_desktop~gadgetshow_desktop~home_deskt~e7ee71a2.e0d6126a.chunk.js Show response
www.gadgetsnow.com/gnassets/ 35 KB
9 KB 22ms
20ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/vendors~articleshow_desktop~comparelanding_desktop~compareshow_desktop~gadgetshow_desktop~home_deskt~e7ee71a2.e0d6126a.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

88d500c0d33f72c554b487194ee3154b5d440fccec738707db1ed6eeb5fcf0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/vendors~articleshow_desktop~comparelanding_desktop~compareshow_desktop~gadgetshow_desktop~home_deskt~e7ee71a2.e0d6126a.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 8716
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402327
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:37:41 GMT

GET
H2 200 vendors~slideshow_components-SlideShowDetail-SlideShowDetail~slideshow_desktop~slideshow_desktop-Sli~682b0e01.25128fa0.chunk.js Show response
www.gadgetsnow.com/gnassets/ 22 KB
7 KB 25ms
24ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/vendors~slideshow_components-SlideShowDetail-SlideShowDetail~slideshow_desktop~slideshow_desktop-Sli~682b0e01.25128fa0.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

af3ecf4b1d4d507da67985812f69cbcc5c7d57edc7792e4c01fcb5dd6e04a46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/vendors~slideshow_components-SlideShowDetail-SlideShowDetail~slideshow_desktop~slideshow_desktop-Sli~682b0e01.25128fa0.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 6566
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402483
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:40:17 GMT

GET
H2 200 articleshow_desktop~articleshow_desktop-ArticleShow~articleshow_mobile~articleshow_mobile-ArticleSho~2648a188.4cf0bc79.chunk.js Show response
www.gadgetsnow.com/gnassets/ 17 KB
5 KB 28ms
27ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/articleshow_desktop~articleshow_desktop-ArticleShow~articleshow_mobile~articleshow_mobile-ArticleSho~2648a188.4cf0bc79.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3b18e345edc892437ad4bc2545e71dfe96f8871be788026d695e215e609010e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/articleshow_desktop~articleshow_desktop-ArticleShow~articleshow_mobile~articleshow_mobile-ArticleSho~2648a188.4cf0bc79.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5097
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402440
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:39:34 GMT

GET
H2 200 slideshow_desktop.34a1c879.chunk.js Show response
www.gadgetsnow.com/gnassets/ 314 KB
67 KB 31ms
30ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/slideshow_desktop.34a1c879.chunk.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5799af653d0bcb14b127d69041b1b5e8b5cd6bb58ccada5ea22f3abd4295a1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/slideshow_desktop.34a1c879.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 67986
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402467
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:40:01 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 23:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:53:10 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 43ms
13ms Script
application/javascript 65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:27:58 GMT
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: Mfr7tQ-cC-kueQR919qOUjT0-tYvmJdjioskJZFQWhhy_tvTzyKZqg==

GET
H3-29 200 pubads_impl_2021061703.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
113 KB 29ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 23:53:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116094
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 42ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:10:01 GMT
server: nginx
etag: W/"60b79139-1d469"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Jun 2021 00:45:34 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
546 B 100ms
33ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=193119
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 44eb57b314c5a2db3b46e1733c8d5613dca04fc9c8def433ecfd735d3c72261a

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 20 Jul 2021 00:45:34 GMT

GET
H2 200 site_config.cms Show response
www.gadgetsnow.com/ 340 B
535 B 124ms
123ms XHR
application/json 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/site_config.cms?feedtype=json

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

87b242d3d1d01f701bc702a17a466721b23595794511add0c9160180127ab1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /site_config.cms?feedtype=json
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cool: 76.27
strict-transport-security: max-age=86400
content-length: 171
content-msg: DATA_SERVED_FROM_CACHE
last-modified: Sun, 20 Jun 2021 00:44:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-language: en-US
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=229
access-control-allow-credentials: false
content-type: application/json;charset=UTF-8
access-control-allow-headers: *
expires: Sun, 20 Jun 2021 00:49:23 GMT

GET
H2 200 wdt_feed_navigation_ajax.cms Show response
www.gadgetsnow.com/ 8 KB
2 KB 126ms
126ms XHR
application/json 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/wdt_feed_navigation_ajax.cms?sectionid=gadgets&feedtype=json

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

98998e51489b6a9be3288625cb3d4e5c1e3f96abec878ec072b37b3d911bbfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /wdt_feed_navigation_ajax.cms?sectionid=gadgets&feedtype=json
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: br
x-cool: 76.27
access-control-max-age: 86400
content-length: 1191
content-msg: DATA_SERVED_FROM_CACHE
last-modified: Sun, 20 Jun 2021 00:23:00 GMT
server: nginx
strict-transport-security: max-age=86400
access-control-allow-methods: GET,POST
content-language: en-US
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2202
access-control-allow-credentials: false
content-type: application/json;charset=UTF-8
access-control-allow-headers: *
expires: Sun, 20 Jun 2021 01:22:16 GMT

GET
H2 200 wdt_feed_navigation_ajax.cms Show response
www.gadgetsnow.com/ 1 KB
726 B 157ms
157ms XHR
application/json 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/wdt_feed_navigation_ajax.cms?sectionid=shop&feedtype=json

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0f78117c0d87089da7e17d9a4d8a2eda06833fdf7aff257da6ddb2b1aa328e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /wdt_feed_navigation_ajax.cms?sectionid=shop&feedtype=json
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: br
access-control-max-age: 86400
content-length: 387
content-msg: DATA_SERVED_FROM_CACHE
last-modified: Sun, 20 Jun 2021 00:29:48 GMT
server: nginx
strict-transport-security: max-age=86400
access-control-allow-methods: GET,POST
content-language: en-US
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2660
access-control-allow-credentials: false
content-type: application/json;charset=UTF-8
access-control-allow-headers: *
expires: Sun, 20 Jun 2021 01:29:54 GMT

GET
H2 200 web-sdk.js Show response
static.growthrx.in/js/v2/ 39 KB
11 KB 35ms
6ms Script
application/javascript 2a02:26f0:7100:290::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.growthrx.in/js/v2/web-sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:290::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

42dec028978d0ffc2c15bb09507c878590365de86850e6661c271fd663ec2d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 07:33:02 GMT
server: nginx
etag: W/"60b7342e-9a21"
x-frame-options: sameorigin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
date: Sun, 20 Jun 2021 00:45:34 GMT
content-length: 10850
x-xss-protection: 1; mode=block
expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H2 200 ibeat.min.js Show response
agi-static.indiatimes.com/cms-common/ 9 KB
10 KB 205ms
166ms Script
application/json 2a02:26f0:7100:292::3857
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://agi-static.indiatimes.com/cms-common/ibeat.min.js
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:292::3857 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34d1734ffada534ddcd84409527f77499626f6577c10e0a76e35e8de8944bff3

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
x-amz-request-id: 5ZKEXQGJ0451HJSE
content-length: 9629
x-amz-id-2: vKsR7mexa0BHQLl8PIVMHRR141OJO0kqhhyJB6tmFcdwg6c4Q71jPtGhobuGayG7Bvs1yCgeTGU=
last-modified: Fri, 26 Jun 2020 06:02:19 GMT
server: AmazonS3
etag: "3d4cf54c39a9f993b78323cb77ac2dc5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat Jun 26 11:32:16 IST 2021

GET
H2 200 83657428.jpg
static.toiimg.com/thumb/resizemode-4,msid-83657428,imgsize-92228,width-400/ 8 KB
8 KB 7ms
6ms Image
image/webp 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/resizemode-4,msid-83657428,imgsize-92228,width-400/83657428.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d2db81b4ede1bbf677baeb4287ea49e10f40cdd919964b14dc07490d970fa219

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
x-content-type-options: nosniff, nosniff
server: nginx
etag: 92228
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=31033130
date: Sun, 20 Jun 2021 00:45:34 GMT
appgn: 172248023401231624072656752
content-length: 7824
x-xss-protection: 1; mode=block, 1; mode=block
expires: Tue, 14 Jun 2022 05:04:24 GMT

GET
H2 200 83636699.jpg
static.toiimg.com/thumb/resizemode-4,msid-83636699,imgsize-21945,width-400/ 3 KB
3 KB 7ms
7ms Image
image/webp 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/resizemode-4,msid-83636699,imgsize-21945,width-400/83636699.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

12dc37fb4fcc5fd9cda6a7ba9ff5a96c140ec8bac8e1301c4612c1ca34a2d634

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
x-content-type-options: nosniff, nosniff
server: nginx
etag: 21945
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=30974911
date: Sun, 20 Jun 2021 00:45:34 GMT
appgn: 172296411301231624020840306
content-length: 2634
x-xss-protection: 1; mode=block, 1; mode=block
expires: Mon, 13 Jun 2022 12:54:05 GMT

GET
H2 200 83657447.jpg
static.toiimg.com/thumb/resizemode-75,msid-83657447,width-800,height-450/ 17 KB
17 KB 6ms
6ms Image
image/webp 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/thumb/resizemode-75,msid-83657447,width-800,height-450/83657447.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

93f69861694364b70815444082770b6ffb3e5c21f6d94b4c8deb39a6228e8329

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
x-content-type-options: nosniff, nosniff
server: nginx
etag: 92228
content-type: image/webp
imagemagick_im4java: 1
cache-control: max-age=31026903
date: Sun, 20 Jun 2021 00:45:34 GMT
appgn: 17224807401231624072243862
content-length: 17458
x-xss-protection: 1; mode=block, 1; mode=block
expires: Tue, 14 Jun 2022 03:20:37 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 99 KB
38 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T2MHVSK&cid=1653738162.1624149934

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1dd79afca7d3ccc2ba879dc8650f7483d21bc71c58ad21951f8d142bee85842e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38481
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036484&cs_ucfr=0&ns__t=1624149934414&ns_c=UTF-8&cv=3.5&c8=Joker%20%27virus%27%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20a...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&cs_ucfr=0&ns__t=1624149934414&ns_c=UTF-8&cv=3.5&c8=Joker%20%27virus%27%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20...

64 B
329 B

22ms
21ms

Image
image/gif

65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&cs_ucfr=0&ns__t=1624149934414&ns_c=UTF-8&cv=3.5&c8=Joker%20%27virus%27%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20apps%20%7C%20Gadgets%20Now&c7=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&c9=
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: tKZ7COkS99vCJeaVaBrzg0HDNjlRrbRxQ20Rkb9VsW-NEgFf0SMP1g==

Redirect headers

date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036484&cs_ucfr=0&ns__t=1624149934414&ns_c=UTF-8&cv=3.5&c8=Joker%20'virus'%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20apps%20%7C%20Gadgets%20Now&c7=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&c9=
content-length: 594
x-amz-cf-id: pzR9sT2QDLUEvLf3pLQnRRns3HPjtcaKkh4cttd3E1jW9Fm4I1zMoQ==

POST
H2 204 / Show response
hb.emxdgt.com/ 0
161 B 47ms
30ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934434
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 67ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=13841655906
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 hb Show response
hb.undertone.com/ 0
450 B 291ms
255ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: 2C7giD2ouwr63x_d8GQIfBKnDCfZoFoi98cg2ZawTyBTJmWYTS94dw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

arj Show response
timesinternet-d.openx.net/w/1.0/
Redirect Chain

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864558&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps...
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864558&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android...

230 B
414 B

18ms
17ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864558&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._d9LCJDAD&cache=1624149934439&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: dd0e89dd40929300c6131c15452ca4d4ad76deb8646102974fa8768ec582694c

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 218
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
location: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864558&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._d9LCJDAD&cache=1624149934439&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
755 B 36ms
8ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid: a29678ca-8dc2-4eb7-a628-be90997a0189
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
417 B 127ms
97ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2269774198%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22584956%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22584970%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 362cc64442f923db7ce8e3da84fe3f3f88d2dc882d43a9388aebd600d36ca45b

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
755 B 26ms
7ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.219:80
AN-X-Request-Uuid: 97fd2730-41f2-4ca1-b11d-9a443f57d8e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
415 B 208ms
188ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2279734973%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22584959%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e942ed58479f7e42d27a357f91f41438f4b1dbd95b44f93bfc146e877dffdc2

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 84
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 52ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=61289637089
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:33 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 hb Show response
hb.undertone.com/ 0
450 B 118ms
97ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: m-6SZDgUSMp9CwLUyDGxbMrsQ4ik4XfG_-jazlVer1h73Clyv3RQbg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 35ms
35ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934452
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2

200

arj Show response
timesinternet-d.openx.net/w/1.0/
Redirect Chain

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphoto...
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2F...

230 B
413 B

18ms
17ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Nf5SORqh&cache=1624149934453&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: cab0d0e3774e71adf242faca602003116fb108995d0d5e285027b05fe12ce3d2

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 217
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
location: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Nf5SORqh&cache=1624149934453&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 44ms
43ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934455
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
754 B 21ms
7ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid: c8fb3d67-b85c-443c-9dcd-5765b8114dd0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 50ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=80898533152
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
417 B 77ms
64ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2299879401%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22584959%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b71947e88881d359d037dc5849bc00caa7b3005b0dfa7b2c68ea0791dbce80a2

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
450 B 127ms
111ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: Y6OlXy2hbndxvSi-ny22xfMvWhKZKbJH3Ph1t11eqNxlRJnvVWYhJA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

arj Show response
timesinternet-d.openx.net/w/1.0/
Redirect Chain

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphoto...
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2F...

230 B
409 B

17ms
17ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._oWvjlZDv&cache=1624149934458&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 2ae54bd23649cebf351c4bb07cd8cc4727e8943597baa7ebaf61eaa2712a29b1

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 216
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
location: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._oWvjlZDv&cache=1624149934458&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 204 hb Show response
hb.undertone.com/ 0
451 B 106ms
98ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: IqufGjIjJe7zRZiwdljXs3lCkYYHvNKGmZzYiZetsssy8Vdrq3pFpw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 39ms
19ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=94135632421
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 38ms
35ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934462
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2

200

arj Show response
timesinternet-d.openx.net/w/1.0/
Redirect Chain

https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphoto...
https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2F...

230 B
408 B

17ms
17ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bghZxkJe&cache=1624149934463&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 253f7cac12ef934cdfe9f36246cf7dfefc2ca047e900803cdc5ddb72e19ab96a

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 215
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
location: https://timesinternet-d.openx.net/w/1.0/arj?cc=1&auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._bghZxkJe&cache=1624149934463&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
755 B 28ms
12ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.249:80
AN-X-Request-Uuid: 6b2be632-27d7-488e-a579-02ce1a52c33e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
417 B 70ms
69ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2210740891%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22584959%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 115abb17d6418139d2f72ebe7bbe6f5d7bf07afd9d3bd33e9ef211ffa0afdfc6

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 26ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=87584165884
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 hb Show response
hb.undertone.com/ 0
452 B 266ms
259ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-amz-cf-id: B-8ARIYrVfMrXr0QzWhu1oSJznDMGBJNulfxKjyJv4G37wvOgMXvXA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
timesinternet-d.openx.net/w/1.0/ 230 B
503 B 25ms
17ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._8CNQXCon&cache=1624149934477&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 304ba4b3313021da979c9dd51fb4cefa3eda0b1be3c9513602cee8a3f4bd0f5a

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 215
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 46ms
39ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934477
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
415 B 73ms
65ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2249955551%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22584959%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: acc7c5a5798e2d25d7902f84188a4044b8b495646ddec8bbb2c0ee6d422bfdce

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 84
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
755 B 13ms
10ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.252:80
AN-X-Request-Uuid: 1d210e66-b53e-438b-b3de-d359849b74d7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
417 B 68ms
68ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2287455451%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22584959%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 55ef4a4c84f9fefce76f5d2327f735ed89dbc16726a64c1d84cb1be4220fdb99

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 17ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=40471480725
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 hb Show response
hb.undertone.com/ 0
449 B 255ms
254ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: 30-o9GYLqpvZk9DmcA8DWNysoVKFlaI38aWW0m1nqi-okenRmzuPGA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
755 B 7ms
7ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.248:80
AN-X-Request-Uuid: 6c4d610d-b678-4a08-96ab-fd12d41f6534
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
timesinternet-d.openx.net/w/1.0/ 230 B
412 B 19ms
18ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._04tUmJY2&cache=1624149934517&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: e8bf40ec9a61ab06f066c8e7dbcf4b16d9ff3d4d96d1b2babe0ff9cf71c1b413

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 216
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 47ms
47ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934518
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
754 B 7ms
7ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid: 54cbe764-5e62-456b-81a7-36bcbc66d3e3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.gadgetsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 16ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=154&cb=76073336864
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
417 B 62ms
62ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=580094&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2209549636%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22584959%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228b6a9b2c-a70e-4ef3-8542-8341e7e60a39%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-06-20T00%3A45%3A34%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a804b6b68765ae93fcd09050d1dd8aaa096643f65f1b6efa72957414a801f2bc

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.gadgetsnow.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 12
expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
160 B 37ms
37ms XHR
text/plain 35.156.10.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1624149934522
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.10.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-10-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 arj Show response
timesinternet-d.openx.net/w/1.0/ 230 B
409 B 19ms
18ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://timesinternet-d.openx.net/w/1.0/arj?auid=543864560&aus=300x250&ju=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._V3BeM27N&cache=1624149934523&ttduuid=8b6a9b2c-a70e-4ef3-8542-8341e7e60a39
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 9a558f4172f04c1e49a56918866798aa055257215f58f7ed352ff285a035e61f

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 216
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
449 B 256ms
255ms XHR
text/plain 65.9.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3991&domain=gadgetsnow.com&gdpr=&gdprstr=&ccpa=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
x-amz-cf-id: jvEiyP8BkfeNTcAcbUm1Ocmm-2iXian-BXkIz2tSacABaqEOLMfI0Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gadgetsnow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gadgetsnow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 480 B
288 B 104ms
102ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=3718120706275971&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_OP_innov1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&eri=1&cust_params=BL%3D0%26sg%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624149934&dt=1624149934545&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7028&adks=2575511338&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x6839&msz=1600x0&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00a76d8b41107a03edfbb4d347b6fcfe31e7764a8393a36f90e0275c019fef01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 17ms
16ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 16ms
16ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 16ms
16ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:33 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 17ms
17ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 17ms
17ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:33 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 47F8 668 B
731 B 19ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0f1f1197ed9dc48530d98355a97ac67d2199fd89346141e954bc57673034d510

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|gekin0vNiygu; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 18ms
18ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:33 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame E157 668 B
719 B 17ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0f1f1197ed9dc48530d98355a97ac67d2199fd89346141e954bc57673034d510

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|gekin0vNiygu; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

POST
H2 204 events
bidder.criteo.com/csm/ 0
191 B 18ms
17ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gadgetsnow.com
date: Sun, 20 Jun 2021 00:45:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 4925 668 B
719 B 18ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0f1f1197ed9dc48530d98355a97ac67d2199fd89346141e954bc57673034d510

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|gekin0vNiygu; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 451E 542 B
652 B 17ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0577adc4d9d215fab8ad9b9f17ce6d44953b9a1a20f4ed14f10b156c530b4a0a

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; pd=v2|1624149934|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|kigqiysLommOgevNgunsn0gi; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 338
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame CBE7 542 B
648 B 18ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0577adc4d9d215fab8ad9b9f17ce6d44953b9a1a20f4ed14f10b156c530b4a0a

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; pd=v2|1624149934|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|kigqiysLommOgevNgunsn0gi; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 338
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 397ms
395ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=140700586750499&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_MID2_300&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=BL%3D0%26sg%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624149934&dt=1624149934655&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=616&adys=2639&adks=197041999&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=764x290&msz=340x290&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=4&ohw=340&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1f4be34c8eb670c540cb18ab7c4a313e91fa50814c2fc55d31354ab18e83852b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11428
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 07A7 542 B
648 B 16ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0577adc4d9d215fab8ad9b9f17ce6d44953b9a1a20f4ed14f10b156c530b4a0a

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; pd=v2|1624149934|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|kigqiysLommOgevNgunsn0gi; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 338
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5790 542 B
648 B 17ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 0577adc4d9d215fab8ad9b9f17ce6d44953b9a1a20f4ed14f10b156c530b4a0a

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; pd=v2|1624149934|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=dc561636-d4d8-02e1-0d2f-d833335c712f|1624149934; Version=1; Expires=Mon, 20-Jun-2022 00:45:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624149934|kigqiysLommOgevNgunsn0gi; Version=1; Expires=Mon, 05-Jul-2021 00:45:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/html
content-length: 338
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 401ms
400ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=327092319519953&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_MID1_300&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=BL%3D0%26sg%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1624149934&dt=1624149934667&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=248&adys=4817&adks=4157453141&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=764x290&msz=340x290&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=4&ohw=340&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9dbbab3282033766ea84602f0d689a7fc012f0902a15e541be8de3198258e7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11432
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 28ms
10ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
21 KB 480ms
480ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=1266483694886433&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_MID1_300&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=BL%3D0%26sg%3D&cookie=ID%3D262d4c9545fdb760-22fc2bef65c800d0%3AT%3D1624149934%3AS%3DALNI_MZGkDqCdVtPDzGR5fJsoboMKJsJ_A&bc=31&abxe=1&lmt=1624149934&dt=1624149934693&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=248&adys=2639&adks=765429087&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=764x290&msz=340x290&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=4&ohw=340&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

df9404be19452ce521650142b064789268ea2ae71252a522f24aacd795f9c1ae

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJKjsP_9pPECFdqJdwodMHUIGg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJKjsP_9pPECFdqJdwodMHUIGg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21709
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 20 Jun 2021 00:45:35 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 25ms
11ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-198011-4&cid=1653738162.1624149934&jid=493135934&gjid=733172553&_gid=1396178576.1624149934&_u=aGBAiEILRAAAAE~&z=1829256631

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Jun 2021 00:45:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=214368635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Joker%20%27virus%27%20continues%20to%20haunt%20Google%2C%20found%20in%20these%208%20Android%20apps%20%7C%20Gadgets%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEILR~&jid=493135934&gjid=733172553&cid=1653738162.1624149934&tid=UA-198011-4&_gid=1396178576.1624149934&cd21=0&cd10=-1&z=1664166748

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 12:15:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44976
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 11ms
11ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 47F8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=547860ce-8fae-4e00-a916-2e4766bade15

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=547860ce-8fae-4e00-a916-2e4766bade15
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 20 Jun 2021 00:44:59 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=547860ce-8fae-4e00-a916-2e4766bade15
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Jun 2021 00:44:58 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 47F8
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UPX5Tl6j-05Lp6sbXvG3Hl6h_0pL_K0eBfCzopBw

43 B
106 B

20ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UPX5Tl6j-05Lp6sbXvG3Hl6h_0pL_K0eBfCzopBw
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UPX5Tl6j-05Lp6sbXvG3Hl6h_0pL_K0eBfCzopBw
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 47F8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6754029531391018357

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6754029531391018357
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6754029531391018357
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 47F8 70 B
264 B 35ms
34ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=0ffa296f-7d5f-3d16-57f9-10db577b42d2&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 47F8 170 B
232 B 45ms
17ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM5NWZhYTUtYjQyOC02M2IyLTQyMTktNGE2MjlkOTk4Y2Iy

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 47F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKCkRf78fjeWgOgiOnwP30Y&google_cver=1

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKCkRf78fjeWgOgiOnwP30Y&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKCkRf78fjeWgOgiOnwP30Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E157
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e9f60ce-8fae-4600-9611-d3797eb8e7d5

43 B
106 B

21ms
20ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e9f60ce-8fae-4600-9611-d3797eb8e7d5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 20 Jun 2021 00:44:59 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=3e9f60ce-8fae-4600-9611-d3797eb8e7d5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Jun 2021 00:44:58 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E157
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=AFHH5Q4HxeUbA5WzU1iJ4lVTxrYbWcXlVwQOnXDz

43 B
122 B

20ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=AFHH5Q4HxeUbA5WzU1iJ4lVTxrYbWcXlVwQOnXDz
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=AFHH5Q4HxeUbA5WzU1iJ4lVTxrYbWcXlVwQOnXDz
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E157
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4597998246119038020

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4597998246119038020
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4597998246119038020
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E157 70 B
264 B 34ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=0ffa296f-7d5f-3d16-57f9-10db577b42d2&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E157 170 B
523 B 42ms
16ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM5NWZhYTUtYjQyOC02M2IyLTQyMTktNGE2MjlkOTk4Y2Iy

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E157
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFS1oRy8t4hrhRHRS6Oy_7k&google_cver=1

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFS1oRy8t4hrhRHRS6Oy_7k&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFS1oRy8t4hrhRHRS6Oy_7k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4925
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=884d60ce-8fae-4e00-9cff-94134c055785

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=884d60ce-8fae-4e00-9cff-94134c055785
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 20 Jun 2021 00:44:59 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=884d60ce-8fae-4e00-9cff-94134c055785
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Jun 2021 00:44:58 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4925
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VjCGCVhmhAlNYtddUzXIDlA01VlNOYFeBGU3unbr

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VjCGCVhmhAlNYtddUzXIDlA01VlNOYFeBGU3unbr
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=VjCGCVhmhAlNYtddUzXIDlA01VlNOYFeBGU3unbr
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4925
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=829054164514373065

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=829054164514373065
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=829054164514373065
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4925 70 B
264 B 40ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=0ffa296f-7d5f-3d16-57f9-10db577b42d2&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4925 170 B
232 B 42ms
18ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjM5NWZhYTUtYjQyOC02M2IyLTQyMTktNGE2MjlkOTk4Y2Iy

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4925
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIsWCdlK4ttXHjh4Z0XUYsg&google_cver=1

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIsWCdlK4ttXHjh4Z0XUYsg&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIsWCdlK4ttXHjh4Z0XUYsg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dds
rtb.openx.net/sync/ Frame 451E
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
134 B

17ms
16ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: h0fqeuor2be562u635p92q2rvfqstkb9

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9b3d4f2b-edf3-af5f-662e-062ea82c8f9b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 451E 43 B
554 B 145ms
59ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/9b3d4f2b-edf3-af5f-662e-062ea82c8f9b?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 451E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8FyTPI4R1LULAH5

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8FyTPI4R1LULAH5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=8FyTPI4R1LULAH5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 451E
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=9d66445c-5b28-43e0-8074-41ddb7933131&user_group=1&ssp=openx&bsw_param=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:36 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
date: Sun, 20 Jun 2021 00:45:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 451E
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

43 B
106 B

19ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.148:80
AN-X-Request-Uuid: 0c60cd4a-a8d0-4ce7-88a8-b55fa41c9051
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 451E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVGRFN0JuUjhBQURmYldyYmRNZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeyU7BnR8AADZsqR50sQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABeyU7BnR8AADZsqR50sQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

20ms
20ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Sun, 20 Jun 2021 00:45:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

dds
rtb.openx.net/sync/ Frame CBE7
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

15ms
15ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: l8coni9lk4eg5ohpsquau3jqagcoa71j

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9b3d4f2b-edf3-af5f-662e-062ea82c8f9b
pr-bh.ybp.yahoo.com/sync/openx/ Frame CBE7 43 B
838 B 117ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/9b3d4f2b-edf3-af5f-662e-062ea82c8f9b?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame CBE7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=crqM90XC1LULAH5

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=crqM90XC1LULAH5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=crqM90XC1LULAH5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CBE7
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=16a773ca-dd16-4dba-8415-b9244030df3f&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
date: Sun, 20 Jun 2021 00:45:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame CBE7
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

43 B
106 B

18ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.147:80
AN-X-Request-Uuid: 2e479804-8e17-4301-9928-c98d18ec08c2
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame CBE7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVGRVN0JuUjhBQURmYldyYmRNZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeyU7BnR8AADZsqR50sQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABeyU7BnR8AADZsqR50sQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

42ms
20ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Sun, 20 Jun 2021 00:45:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

dds
rtb.openx.net/sync/ Frame 07A7
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
135 B

16ms
15ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: 6rslgdumadu5b6ohg633gjpv1hs6mluq

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9b3d4f2b-edf3-af5f-662e-062ea82c8f9b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 07A7 43 B
553 B 139ms
59ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/9b3d4f2b-edf3-af5f-662e-062ea82c8f9b?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 07A7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RKmJNtN61LULAH5

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RKmJNtN61LULAH5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RKmJNtN61LULAH5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 07A7
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk9bf0cbd9-e436-4622-914f-544dca3ccbff&expires=7&user_group=5&ssp=openx&bsw_param=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
date: Sun, 20 Jun 2021 00:45:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 07A7
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

43 B
106 B

18ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.37:80
AN-X-Request-Uuid: c0fb4e83-6643-49a2-8511-10ecd2bbfb7c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 07A7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCZXlVN0JuUjhBQURac3FSNTBzUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...

43 B
163 B

64ms
20ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date: Sun, 20 Jun 2021 00:45:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

dds
rtb.openx.net/sync/ Frame 5790
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=0KyjU9TZhDixjVxshGJ4aA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
134 B

16ms
16ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: 484sb3ssa20korghq5slbh3vchagnklr

Redirect headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9b3d4f2b-edf3-af5f-662e-062ea82c8f9b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5790 43 B
554 B 112ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/9b3d4f2b-edf3-af5f-662e-062ea82c8f9b?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:34 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5790
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=sc6yLorv1LULAH5

43 B
106 B

18ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=sc6yLorv1LULAH5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=sc6yLorv1LULAH5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5790
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4ff0d2e0-f68d-4a3b-9821-28f911f36f30&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=b00a967f-43ea-4ff4-a942-36d3ad285e16&expires=1&user_group=5&ssp=openx&bsw_param=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:35 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=4ff0d2e0-f68d-4a3b-9821-28f911f36f30
date: Sun, 20 Jun 2021 00:45:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5790
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325

43 B
106 B

18ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-Proxy-Origin: 152.89.163.172; 152.89.163.172; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.49:80
AN-X-Request-Uuid: 434e380a-ae62-466c-b508-e9ca683a81d5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=6886257737973514325
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 5790
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABeyU7BnR8AADZsqR50sQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABeyU7BnR8AADZsqR50sQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=2&ev=AABeyU7BnR8AADZsqR50sQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

35ms
16ms

Image
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=60000d80-36d6-40fe-9f6c-c53889afbe3f&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABeyU7BnR8AADZsqR50sQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date: Sun, 20 Jun 2021 00:45:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 22ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-198011-4&cid=1653738162.1624149934&jid=493135934&_u=aGBAiEILRAAAAE~&z=255627155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
15ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-198011-4&cid=1653738162.1624149934&jid=493135934&_u=aGBAiEILRAAAAE~&z=255627155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gadgetsnow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
23ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gadgetsnow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 589ms
589ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=1819224794977356&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_ATF_728&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C980x200&eri=1&cust_params=BL%3D0%26sg%3D&cookie=ID%3D262d4c9545fdb760-22fc2bef65c800d0%3AT%3D1624149934%3AS%3DALNI_MZGkDqCdVtPDzGR5fJsoboMKJsJ_A&bc=31&abxe=1&lmt=1624149934&dt=1624149934738&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=197&adks=2153144874&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x6839&msz=1600x111&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

de4b635b0406bc82361620df0970fa5a3fd4585484c6a7c7fa220c18d7ad26ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11053
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 10ms
10ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
16 KB 468ms
468ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=553655884388104&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_MID2_300&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=BL%3D0%26sg%3D&cookie=ID%3D262d4c9545fdb760-22fc2bef65c800d0%3AT%3D1624149934%3AS%3DALNI_MZGkDqCdVtPDzGR5fJsoboMKJsJ_A&bc=31&abxe=1&lmt=1624149934&dt=1624149934753&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=616&adys=4817&adks=3519675332&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=764x290&msz=340x290&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=4&ohw=340&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ae9169f426aa7925b0fd20a3a513921481d75aa25b1be39ad4106f1ebb0cd203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16238
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 13ms
11ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gadgetsnow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gadgetsnow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
27 KB 448ms
447ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=2512230045208259&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_ATF_300&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=BL%3D0%26sg%3D&cookie=ID%3D262d4c9545fdb760-22fc2bef65c800d0%3AT%3D1624149934%3AS%3DALNI_MZGkDqCdVtPDzGR5fJsoboMKJsJ_A&bc=31&abxe=1&lmt=1624149934&dt=1624149934777&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=1012&adys=730&adks=1432746157&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=395x5628&msz=367x286&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=4&ohw=367&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef00aea52a5f5ce1843747529a4f5eb50a4c4dbcc174e31ad5b3a7f75d8ca283

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzEtP_9pPECFYbXdwodesgO7g&gqi=&layout=/sadbundle/%24csp%253Der3%24/6212998800990712918/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzEtP_9pPECFYbXdwodesgO7g&gqi=&layout=/sadbundle/%24csp%253Der3%24/6212998800990712918/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27681
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 20 Jun 2021 00:45:35 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 11ms
11ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 420ms
420ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1037050982062372&correlator=2356999448623201&output=ldjh&impl=fifs&eid=31061463%2C31061501%2C31061165&vrg=2021061703&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=7176%2CGadgetsNow%2CSlideshow_AS%2CGadgets_Now_SS_AS_MTF1_300&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=1&cust_params=BL%3D0%26sg%3D&cookie=ID%3D262d4c9545fdb760-22fc2bef65c800d0%3AT%3D1624149934%3AS%3DALNI_MZGkDqCdVtPDzGR5fJsoboMKJsJ_A&bc=31&abxe=1&lmt=1624149934&dt=1624149934784&dlt=1624149933907&idt=517&frm=20&biw=1600&bih=1200&oid=3&adxs=1012&adys=1649&adks=1744709459&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=395x5628&msz=367x290&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1653738162.1624149934&ga_sid=1624149935&ga_hid=214368635&ga_fc=false&fws=516&ohw=367&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ca573b49b9a2a6e50e565e3c8c10fed1c921f9a5f33c3d899c6c1a96c397253e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11157
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
433 B 11ms
11ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=580094&u=https%3A%2F%2Fwww.gadgetsnow.com%2Fslideshows%2Fjoker-virus-continues-to-haunt-google-found-in-these-8-android-apps%2Fphotolist%2F83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/193119-87363260256000.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 00:45:34 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[152.89.163.172], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.gadgetsnow.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 20 Jun 2021 00:45:34 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032106141722000/ Frame F93C 189 KB
55 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1275f5002f1fb5418de69bba40d0be4b9613e7aa418ee1e4944fe3d3dc3040ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55231
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a1cc68f2f20fccef"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame F93C 13 KB
5 KB 53ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "20d5993134a00e72"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame F93C 85 KB
27 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27288
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0e18b5d4ac760a2b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame F93C 3 KB
1 KB 56ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1299
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da415af7878c9ead"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame F93C 40 KB
13 KB 56ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12849
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6ce0de783bcb6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
DATA 200
OK truncated
/ Frame F93C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f00b922b10840aa87582be564f52d73fdc3afbcadff9900f25d5cf26189b982

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11394958807568283040
tpc.googlesyndication.com/simgad/ Frame F93C 48 KB
48 KB 8ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11394958807568283040?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkjvPhVpGg3kzFbx9HjAPYalQ-lhw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4737c330e180a3f59396d37eaa641181a86e3fbc812129fcf7c9bdbe3584de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 11:59:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 16:56:41 GMT
server: sffe
age: 45991
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48915
x-xss-protection: 0
expires: Sun, 19 Jun 2022 11:59:04 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F93C 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 10:27:05 GMT
x-content-type-options: nosniff
server: cafe
age: 51510
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 10:27:05 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F93C 295 B
568 B 7ms
5ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 56324
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:06:51 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F93C 0
0 23ms
22ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cepakro_OYNWtKoKCjuwPo9GcuA_52Jz7YY6T5vDFDZCs-vqNDhABIO2C-B9glfrwgYwHoAGcr_uoAsgBAuACAKgDAcgDCKoE1wNP0NmCzW0JCM49aKC6BATmcUZjRTpdWG5bfzQoDafjYRIdbElSfEipiGja5qaucoi1eJLZnos3T64hqUo87PrRLZ2dEkOTajSUpG1qiM1_L9COfcHxGiJGnq2sNMYDkx_bhBhLu_XRC5BBSj7IGZWZGmSRXDKEjXP4WK3x8qawVkg00CgHZIHZo_x6PlTqvlJrifLxGnIjBVz5ZeFMQXkAjdSIPz4qM-XbIJCO9iB8D1ObJx0oJKotCRCrWIOc8Ilv4zmyI1iQ3RwRwxB8zwx7KxTM4l_rbkq8CD_pYP6fDJJyaVI1bKLjAc3V1ASe4Sx1Na43OS_dLkrILG-Obnv_I4fYbcKriUavBbnSXuOa0jHFWE8Glt5-OCX-GV41BK-HMgScQ6XJr5Jv5gVV1xSJKuMmZLivUz9tx2vQ58v2HZuASSAaAWiV5vylm5s6PYDmN_q7MnBwzMRyCjHA-cbsnhcrJ5dHDUSMp5Iyg6Q3ANqWMhK9zIaBFbeUKNoS5UrXQ_eRqestIlljqvvQMXziF2XScTDr0HS3XZRFDjhP_HQlncrd_KvnwXJqFi1rq_ZQ9A8Ts7RxXRp34bSD28hhDPca3sYZX82h1fhAMXJMTPLL5_TavOLABImkvfbLA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC-zAjSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMjIzMDcyMzAyNzkyNzM3MQ&sigh=PizEw0g7kQ0
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame F7B9 191 KB
54 KB 29ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame F7B9 12 KB
5 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame F7B9 87 KB
27 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame F7B9 4 KB
2 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame F7B9 41 KB
13 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B9 2 KB
2 KB 18ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
server: cafe
age: 63439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 07:08:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B9 295 B
319 B 16ms
13ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:59:33 GMT
x-content-type-options: nosniff
server: cafe
age: 53162
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:59:33 GMT

GET
DATA 200
OK truncated
/ Frame F7B9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fad734f6a14e2a0e70b09ef077a354d1e858bd9c2618acfd34e073b15238b38

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 5847671032413157690
tpc.googlesyndication.com/simgad/ Frame F7B9 42 KB
42 KB 18ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5847671032413157690?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDHqNjbgAPP_OMueekNWCtCzJBYQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309d93da58ec9b2f902bd0e85f6eda0ff14ad458b308c5effd6590131f63994c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:53:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 17:03:22 GMT
server: sffe
age: 49948
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42771
x-xss-protection: 0
expires: Sun, 19 Jun 2022 10:53:07 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F7B9 0
0 27ms
20ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXUPBJKMTl9Pt06tHcaAz3zO_NFDBUM9225V-BD06sytzh30fsSF_4T_F7f6CzQ58cSVeg
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F7B9 0
0 24ms
17ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVJlGro_OYIvfKpXq3gPC5I6AAqrU8eNipp-Nj6UNkKz6-o0OEAEg7YL4H2CV-vCBjAegAZyv-6gCyAEC4AIAqAMByAMIqgTWA0_QBhSBTPEY4wkAnMaUMr7A---AhpcWPCMjaEtm5AGa-sbGhxxhIMmXIwhCnIB-JEqyo0XEpxViD2Rlr6__kavdfTnjnTDaaD2rIIPtuTnpT-xYyVXxxxkf3jpEWdUDz0Y3tDAiAgtJEIaKQDCMYyFVOzZzWHdTCxPQJYt-yWYdHCu6dqDtLYFhFfkxu-98wGU0lno8k8SfcezWoxc37vDQMBvswIFvL3pGuejVJPFn0VtH_HuQ-zuLi_tHjabH0fG6MbD-JxiX5BuAw6PTuRUbmDTd7ET2FsZEBp2Y9gIaSn3K1yrInlNVXYIWxhDwf2H-fZsucQVGuHpbFjirsGJcpfE3M6Aq7xowTzM6bETzgFMmjrlib_ddiG05Y7qVkqZ9xHzdAPksS7kOlY2A0iHpu0vX3lQ1rp4Xf5SMbueOSC_uFQzxUnFMbMnoQJXREcj07pCeD0Gperq0XGodnZm3JwAED6jDXsYjPZVB4-2Qt69uCzEE5kyxqdYyhBrNPqFctBuN_8xPEXa2dPeO23RHoJMQc2uIjX8rIRuCB_3rfz1d6_kudHODmdjrd-xwpyjPEvkzHAH_3xyntx3CdAPpy2IWao8tLBgEj-3z1ndfQUvbpBgcwASR-ZPlugPgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQre8G0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTIyMzA3MjMwMjc5MjczNzE&sigh=qL4f5n2vdAM
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F93C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 20 Jun 2021 00:45:35 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 container.html Show response
7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA09 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 00:45:34 GMT
expires: Mon, 20 Jun 2022 00:45:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:35 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F7B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

22ms
21ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 20 Jun 2021 00:45:35 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 5847671032413157690
tpc.googlesyndication.com/simgad/ Frame F7B9 42 KB
42 KB 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5847671032413157690?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDHqNjbgAPP_OMueekNWCtCzJBYQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309d93da58ec9b2f902bd0e85f6eda0ff14ad458b308c5effd6590131f63994c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 10:53:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 17:03:22 GMT
server: sffe
age: 49948
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42771
x-xss-protection: 0
expires: Sun, 19 Jun 2022 10:53:07 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B9 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
server: cafe
age: 63439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 07:08:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F7B9 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:59:33 GMT
x-content-type-options: nosniff
server: cafe
age: 53162
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:59:33 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame DDFF 191 KB
54 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame DDFF 12 KB
4 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame DDFF 87 KB
27 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame DDFF 4 KB
2 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame DDFF 41 KB
13 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 416177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDFF 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
server: cafe
age: 63439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 07:08:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDFF 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:59:33 GMT
x-content-type-options: nosniff
server: cafe
age: 53162
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:59:33 GMT

GET
DATA 200
OK truncated
/ Frame DDFF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f8c58b0979e4c89f082e36bc2bf1fe8ec162a07307fc6d80b3c6da7f0fe4567

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 18161708867861260453
tpc.googlesyndication.com/simgad/ Frame DDFF 23 KB
23 KB 7ms
6ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18161708867861260453

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddb74183b6e56425f5266cfb6cb12d14b4fb81e96a4adedd1ab98974d4a930bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 08:44:40 GMT
x-content-type-options: nosniff
age: 57655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23522
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 14:33:46 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 08:44:40 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DDFF 0
0 24ms
23ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY0pqro_OYPL4MdCBjuwPpKer8AbR_e7RYpiPvo_MDQoQASDtgvgfYJX68IGMB6ABjue51QHIAQOpAuIHYv5257M-4AIAqAMByAMIqgTcA0_Q2w_LSAjRCQvEk1QR4V_Tn6zOZOz8U6Ty7SBcydBdM_dUcRrWKC1bO7kq_EoZTP6ivNp2O7HSAzDF1bLFAGeZjWJycNSdvAPRhlmxg2kxB1aF5Pu6rWa3ArxyWrt8gyKHaR23JNDKET-8EouDRAp5hHDIY5jKMSknl7YURZU170z2KqqzuZ5w8bgnyz_hWFbU7WdsqX_-RYuePeQXkD-mYfoXtU_M_OSwM-yMzDiwJ8rVjJMktijDPRdpxVGrk_5pororIwtdftkXdQGa5ZDZjGskWfPxRnui98hNaBU2t2SZMYdjl-SA6ZDVf2tRIMHhT6WxaBbQn31CX_DCF8RmYhGVFX86AR_royUt6-3i56EEplZ0XNFivmaERfPPb3puUjQJJ6J8Un5fo3-SpSBvOVG8LCAOMTuO560QS4Nga7ero-fVB7nI8r5apORMctguzjcFoK_B2GamaRZtcOGWXQXdNllX-0KNlHRCbELO2rIoI5JurH5Tn_oq4xdX_LpWAH1hjKnC5u05n1M2mE92dNNXGpOk06AcgocycBCDt5zKPduehqLmxDB1Fo_E-3EnlMXyChx6VbxMbZoH_mrySJCc2CRE_mDWWjDphZ70ZtRasEelKFaWW-9lwASY9fWjywPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH2pjGqgKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQuNgF0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTIyMzA3MjMwMjc5MjczNzE&sigh=zFP5pxJe4rI
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 02BA 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 00:45:34 GMT
expires: Mon, 20 Jun 2022 00:45:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5334 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 00:45:34 GMT
expires: Mon, 20 Jun 2022 00:45:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032106141722000/ Frame C75A 189 KB
54 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1275f5002f1fb5418de69bba40d0be4b9613e7aa418ee1e4944fe3d3dc3040ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55231
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a1cc68f2f20fccef"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame C75A 13 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "20d5993134a00e72"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame C75A 85 KB
27 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27288
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0e18b5d4ac760a2b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame C75A 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1299
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da415af7878c9ead"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032106141722000/v0/ Frame C75A 40 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032106141722000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 358619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12849
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 21:08:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6ce0de783bcb6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:08:36 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C75A 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
server: cafe
age: 63439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 07:08:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C75A 295 B
319 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:59:33 GMT
x-content-type-options: nosniff
server: cafe
age: 53162
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:59:33 GMT

GET
DATA 200
OK truncated
/ Frame C75A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4249f031fa8d4ad2c62ccaee68f209d34543a6d26da49d289a9a4032d2f25ea

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 11317220035270259713
tpc.googlesyndication.com/simgad/ Frame C75A 51 KB
51 KB 9ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11317220035270259713?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnxGQj72zeAgRxjNtTg0T2uqp85jA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34990e6c71b076479eab373cc9903c82c11e7ae4e928a47a4f951f8fbf447bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:02:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Dec 2020 14:11:48 GMT
server: sffe
age: 70964
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51824
x-xss-protection: 0
expires: Sun, 19 Jun 2022 05:02:51 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C75A 0
0 17ms
17ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs8Pqro_OYOGNL5C03gPDu5LQDoqKtMthifvu-cwMlJGcjrYOEAEg7YL4H2CV-vCBjAegAZ2w7qEDyAECqQLiB2L-duezPuACAKgDAcgDCKoE3gNP0PNHlWp_TeAH-N9qlkFsI7kRzqTAYnPxKKx64SFWywhxrC3ct3qmUnFb88s7gU8vmQo2HBI6pXd-cPKnbqcLFGbwHILPrsDDLld0eikJYhol9XGvMfhMx4QyKMl4QiPaAeqhpe9shEMFjvxmhOLEkJhb__4xGNfrflkcpS5jM3rYDojtWua8AuDP_0aiYGNdq7e0co-FR-4AhhTrqh-iXrdVLXBbWYp49PabpbijAXt0yNITiKVgztzIl_dRPhlTFCLKnvVmw3OVS_0JoafVztAyWvlg49Q9Q22o7jCsCWi2f3GUEmh1xbQTiJKdBb6RijBbqcjXnj772-1FkKBOZpzJRQ0sPqj8VysXD0dXCvAiMTiZTAeUyovFUPgezfEroMYaGjMQHESesh8ukPwYwu_3GJvBe1b4XTw1XGdyhnRAoYjxNsWF2FU-MNNvsQERcqCA00Rwhn1rNFhNgMUv8fZFFgik1_65f6cKA4bm7BJxk_1uM3DtFEwgEFQjeZgW5xDABoZDFnw0YqHoXT8cKK5IUNLZ_Up4Rh5ulmpGt8pdjQC0YBknXVk2OOOXkZ5EPN1f-xqM_HrGKL5It_TedoP5nLN7551zcUlgPTEjcnXM-TqFHIyKvHbMjt0CwASamZrD6wHgBAGSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBC98gzSCAkIgOGAcBABGB2ACgPICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItMjIzMDcyMzAyNzkyNzM3MQ&sigh=CokmVx_HbrA
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame A775 369 KB
34 KB 12ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12502976385620377600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 19 Jun 2021 04:55:28 GMT
expires: Sun, 19 Jun 2022 04:55:28 GMT
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 34639
age: 71407
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EA09 0
0 23ms
18ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C72j9ro_OYJKULdqT3gOw6qHQAYCR0_hihOnKwbUN0LP6-o0OEAEg7YL4H2CV-vCBjAegAdTQ0JcDyAEJqQLiB2L-duezPuACAKgDAcgDAqoE2wNP0JJcivHVKrlxH2qfh2EZGTPkvxLOvb8iJvf59kiFoqq5yWBhhsKihtvwa1cs4VAJrqASboVFRnk-BEqwtilozsQkMLeYecKqhEOd-QDZWJyWjk3ScXTAOQEfUbmi5Lr5Co9jzl69pkPGxFXKJQUWhrLWQsQSOTmmunyLb7o_9zN72XX50Crx7jdM4eY01ieG7IrdjG_oMaD1zzGs1BHXD0WPKRSTqKpFBbWMfC7tYESJnzpBPpYGI7G-zJT8T_w7wZiVUvt3-AztItnDrMsNBV-C9y0noeAfMr2NyCnZwgFlhBHZXjwKYKxrtwD-Ik8bD0PU1nWZmTozeX_iReeCdGEwj6NYmq4LFJ354fqOen8afPE0HysfbgfwtAu-Iv1kLOzVcyRccVXU2h014OUf-CpmmD3U1tj8iHZbfOr2z53RiA90pCabRGjq2RDfa8A0TLOpiuCSwLYZdmruPCWvoGDmlddMT91rDH8WTvEQ1eFi0_WMYDGiV7HeUQLdTktgkEyM3ClE47sMzyTQr9ieMYgQ4abPV1HLdJ3tB2B2dTFp0L13x57ZO8XAs-aRkN61kvtlfkGZfrBN0UiVm_8zGTvsLghBg9KC002fdy-uHW0jDsCmjRHGR5JYwASmjfPbvwPgBAGSBQQIBBgBkgUECAUYBKAGXYAHy__cbKgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDjqxHSCAkIgOGAcBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMjIzMDcyMzAyNzkyNzM3MQ&sigh=FvDnq5-SGMw
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2FC9 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmqxFmdhl50Hskuk3AAytjZNa4BU8dtUOzLFg__whq66rUX4c4zSNLV08-ZMgg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Jun 2021 23:51:12 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame EA09 3 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:44:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA09 122 KB
37 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:35 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame EA09 13 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:28 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DDFF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 20 Jun 2021 00:45:35 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 18161708867861260453
tpc.googlesyndication.com/simgad/ Frame DDFF 23 KB
23 KB 7ms
6ms Image
image/gif 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18161708867861260453

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddb74183b6e56425f5266cfb6cb12d14b4fb81e96a4adedd1ab98974d4a930bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 08:44:40 GMT
x-content-type-options: nosniff
age: 57655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23522
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 14:33:46 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 08:44:40 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDFF 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
server: cafe
age: 63439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 07:08:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DDFF 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:59:33 GMT
x-content-type-options: nosniff
server: cafe
age: 53162
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:59:33 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 02BA 1 KB
909 B 11ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 23:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 23:35:18 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 02BA 0
0 21ms
18ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4qdVro_OYMCXMJ-AjuwP-_iC0AvVgaquY7Lup86MDsf43Zi6ARABIO2C-B9glfrwgYwHoAHP6JmuA8gBBqkC4gdi_nbnsz7gAgCoAwHIA5sEqgTYA0_QDcLP2ZxCpSRxlxBib-Z6K-yHYOMyZRirtn4LRv2SEM8wg0pK29QZ0Tmqca0w9rcwiTXj5Qylaj3a3jjfTSgq7EBvHpyTsJsIK93UW6hw4-KYHiRGC1rP2XZqserx8Rb7x2V6tHEUE6pRD83sgzlqKR9B1bPWD9fY3nWGbN02SO8c4Q0JV_pUz_rClONVDX2kDdFu9nAUodLMkCsK7hz3M-BW5205A-JUHe_ypJN7eZ5H_P6yyiDfUQVYLkQg_T6BhkQkyYHS2b_MK_GkOtQOQ2qNJrc1Qel4RjSu-uaf64_D-yGCqxhfjZBSSNC8lNqsxlIsFHt0kAlMJcc_Ngy4FEVChDdKblGVnDjvdjlrpLPkgJuHflgyXoPNj463o3V8ww7BGZmoApEP8bfYFSK7heZpkKo6PKZiBi3LtOjCALFEvpta4OWb-VLMxFFwqtn0gKclAL7Gn53_j6RKK95z6EnxcV2spApwyS48mi0-YM_xHTR4Z87TuULE3XY5fQU04hR2SsPTqAjJkc27O5xddd-_sWOKIv0yaLzDnaeJ3AoG3tAVNzR0NasOeWycQHSLESUCMEAmgRRXAyRpXZ89cmNV477jjXn747Nds1ofYuSknQh_m7XABKi1zM7aAeAEAZIFBAgEGAGSBQQIBRgEoAY3gAeZl-ZRqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELPxBdIICQiA4YBwEAEYHYAKA8gLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi0yMjMwNzIzMDI3OTI3Mzcx&sigh=qtQRctBLKBo&template_id=492
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 02BA 17 KB
7 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:04 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 02BA 3 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:44:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02BA 122 KB
37 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:35 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 02BA 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:28 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 02BA 0
0 15ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSY8k-Ziyj3rLrzGpO4MTDnNZiLzN6kbvS1bi8HzfWQaUMMCxOOBGw9Mdb5tJqCm1FhjbbY
Requested by: Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 37c44ba5c7c2e56e86b2dceff03da5e6.js Show response
www.gstatic.com/mysidia/ Frame 02BA 25 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/37c44ba5c7c2e56e86b2dceff03da5e6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 13:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10651
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 06:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:27:06 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11947014231514570249/ Frame 02BA 11 KB
11 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11947014231514570249/downsize_200k_v1?w=400&h=209

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70f4e273823a57e09e249e639b08f07f7e6ac91c7c57276a7fc51924dd357f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 04:53:27 GMT
x-content-type-options: nosniff
age: 71528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11461
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 14:38:58 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 04:53:27 GMT

GET
DATA 200
OK truncated
/ Frame 02BA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/ Frame 81FC 2 KB
814 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ef5da18f8b87352f7274273f3a801336d73b18dd24bff1a4633fabe73bcb363

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6212998800990712918/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 782
date: Sat, 19 Jun 2021 08:03:59 GMT
expires: Sun, 19 Jun 2022 08:03:59 GMT
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 60096
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5334 0
0 19ms
17ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7baHro_OYJy1MYav3wP6kLvwDobVz-diqt-g99YNpN-IgLYiEAEg7YL4H2CV-vCBjAegAa6ezLsCyAEJqQLiB2L-duezPuACAKgDAcgDCKoE3wNP0HenW2pBeEBuIZ2KfZe_gRJebMqZBoICQJJWE-1WqCVuG7JAskZFTtRYk2cL5QOyFGUSWfzcSzeYij-DylMc5SnIbQi-wz6h4Tk8YF11fN8EG4id4E-MsSkcdeKZKdWENF34aY-EchELGB8paNTTEnZ1c348QaqXN8H7zybcsmKhio6QEE7sXlUkHM8zIx-nbwGZRg029U1dz3avHCGfwSW0ts11_rwjHpF_wjctHEGtq6zF4QDvqOHSh-52R_tBnXjW9ho0crrmjr2eeNjatsusAfQG0TqTLA1EO21QBJCODZ0Ejaa31OWKISAM26FEIOXJo3QCln8pdeMTEkVJgwX4eErGX7R4fRjOnlU58m-bflrt4lXBIl7eGppcTv7Zs1yKf3nLtDJDQNT-72lydH-F_tw6sp1DdubKIZPV78kMi35yvQIf7UEzom7hzdiu3PBI28lz18SDaHkr3ZgFttSdvcwa7BYrNVK4JiDRzx5rWbJ7h7rSUUH1-V0Gx4dq9W8sjMiKadpK3E_KcFY8E8etMUePrv8BP8s-N_a7tooKPOHvfSsOXSzmK2KGYSOSyNSsyuKl4BgeU7oq7xPaqafDThUlqSFi3M4lx-kGx7kHRv9a9gTDvlPha2ey_sAElIyppLoD4AQBkgUECAQYAZIFBAgFGASgBi6AB6yG1YMCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJCED9IICQiA4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0yMjMwNzIzMDI3OTI3Mzcx&sigh=SsqILMIqqmE&template_id=419
Requested by: Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 5334 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:04 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 5334 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:44:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5334 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:35 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 5334 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 607
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 00:35:28 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5334 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpUCpD_BvI34cVfbeogm6U2jmhfi7g83V7Tbc0LiwGFrcooJ2gi7ztOvZsktirawYdZ6ZY
Requested by: Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C75A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 20 Jun 2021 00:45:35 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 11317220035270259713
tpc.googlesyndication.com/simgad/ Frame C75A 51 KB
51 KB 6ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11317220035270259713?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnxGQj72zeAgRxjNtTg0T2uqp85jA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34990e6c71b076479eab373cc9903c82c11e7ae4e928a47a4f951f8fbf447bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:02:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Dec 2020 14:11:48 GMT
server: sffe
age: 70964
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51824
x-xss-protection: 0
expires: Sun, 19 Jun 2022 05:02:51 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C75A 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
server: cafe
age: 63439
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 20 Jun 2021 07:08:16 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C75A 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 09:59:33 GMT
x-content-type-options: nosniff
server: cafe
age: 53162
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 20 Jun 2021 09:59:33 GMT

GET
DATA 200
OK truncated
/ Frame EA09 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05812a62ca57738621bfb35174e877ac4dec5859d92c36c22b17f37d2b73cad8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 02BA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 836dbbf520754fa99c85f9dadf9702e183e88f575d6977625b5d7167993f393e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 81FC 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 09:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Jun 2021 09:26:19 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 81FC 26 KB
10 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 08:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Jun 2021 08:00:38 GMT

GET
H3-29 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/ Frame 81FC 6 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460243b37dc54425f7104fa2a1dd78712437bd85d61a0d10fdbc60cd77732ccc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 36560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Sat, 19 Jun 2021 14:36:15 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 14:36:15 GMT

GET
H3-29 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/js/ Frame 81FC 3 KB
627 B 9ms
9ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecdc50d52c709dcee691a38026d3fd60a962e65db82c697ebdc2d0e23bff66fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 58204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 594
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Sat, 19 Jun 2021 08:35:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 08:35:31 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA0F 143 B
163 B 9ms
9ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmqxFmdhl50Hskuk3AAytjZNa4BU8dtUOzLFg__whq66rUX4c4zSNLV08-ZMgg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Jun 2021 23:51:12 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5334 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5c277a09a1c34323d0f277fb4fefb1cf8ce789e72cbe6abc5b8a1a37a2069ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame A775 2 KB
662 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Jun 2021 23:51:34 GMT
server: ESF
date: Sun, 20 Jun 2021 00:45:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Jun 2021 00:45:35 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2FC9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmqxFmdhl50Hskuk3AAytjZNa4BU8dtUOzLFg__whq66rUX4c4zSNLV08-ZMgg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:45:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 20-Jun-2021 01:45:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 00:45:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:45:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bg_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/ Frame 81FC 43 KB
43 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/bg_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ceef19064096edd59fb59d5aba5f6a5a990cf44e47d61ac0e0ed0979cca361

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44332
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Sat, 19 Jun 2021 09:44:21 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 09:44:21 GMT

GET
H3-29 200 bg_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/ Frame 81FC 22 KB
22 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/bg_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1004a7c69c7fd163736704cf3cdb7828f96b8c430b79935e4ad6992cbb33f2ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 70733
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22553
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Sat, 19 Jun 2021 05:06:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:06:42 GMT

GET
H3-29 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/ Frame 81FC 18 KB
18 KB 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e84c34cc73de54bd74686dda62e36941bd93aec206c032cce3b0b5f23a881e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 71689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18629
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:49:06 GMT
server: sffe
date: Sat, 19 Jun 2021 04:50:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 04:50:46 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A775 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 07:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Jun 2021 07:51:03 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A775 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 08:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Jun 2021 08:00:38 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame A775 18 KB
18 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 11:59:04 GMT
x-content-type-options: nosniff
age: 45991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 11:59:04 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BA0F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
URL: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmqxFmdhl50Hskuk3AAytjZNa4BU8dtUOzLFg__whq66rUX4c4zSNLV08-ZMgg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:45:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 20-Jun-2021 01:45:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Jun 2021 00:45:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:45:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Grover_Logo_Claim-top-White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame A775 8 KB
2 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/Grover_Logo_Claim-top-White.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 47644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2144
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 11:31:31 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 11:31:31 GMT

GET
H3-29 200 sim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame A775 8 KB
8 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/sim.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 47917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 11:26:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 11:26:58 GMT

GET
H3-29 200 phones_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame A775 48 KB
48 KB 10ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/phones_2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 45075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48894
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 12:14:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:14:20 GMT

GET
H3-29 200 1phones.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame A775 26 KB
26 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/1phones.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 43143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26884
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 12:46:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:46:32 GMT

GET
H2 200 v5.htm Show response
ade.clmbtech.com//cde/data/ 33 KB
5 KB 167ms
167ms Script
application/javascript 2a02:26f0:64::214:84d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ade.clmbtech.com//cde/data/v5.htm?id=349849~11~Slideshow&_v=0&auds=all,5q6&_u=https%3A//www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms%3Futm_medium%3Demail%26_hsmi%3D134933880%26_hsenc%3Dp2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA%26utm_content%3D134933880%26utm_source%3Dhs_email&_t=3&_c=C62m85S664&fpc=&r=a345R261M59&optout=1&dpv=1

Requested by

Host: static.clmbtech.com
URL: https://static.clmbtech.com/ad/commons/js/2658/colombia_v11.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

325fbe49f3d8d0d8f7396a1747f48b6e13405ce8533844044b1646715018f269

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
date: Sun, 20 Jun 2021 00:45:36 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-metime: -1
cache-control: private
content-disposition: inline;filename=f.txt
content-length: 5155
x-xss-protection: 1; mode=block

GET
H2 200 8a6031802eab3d8c3808311c0fbfe12c_1623931416960_0.webp
static.clmbtech.com/ctn/74721/images/19/ Frame 75D4 28 KB
29 KB 571ms
569ms Image
image/webp 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.clmbtech.com/ctn/74721/images/19/8a6031802eab3d8c3808311c0fbfe12c_1623931416960_0.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

1f43ad8d6eeb0cffee997b84e2c5b66191836673a3e73c98dbb23bd4298197e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "7144-5c4f73e726289"
vary: Accept-Encoding
content-length: 29019
cteonnt-length: 28996
last-modified: Thu, 17 Jun 2021 14:44:27 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 75119bbb913e2e909c34c09a97ff3da6_1541521206059_0.jpg
static.clmbtech.com/ctn/27827/images/19/ Frame 75D4 11 KB
12 KB 10ms
9ms Image
image/jpeg 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clmbtech.com/ctn/27827/images/19/75119bbb913e2e909c34c09a97ff3da6_1541521206059_0.jpg
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ca3e5c4640f019e2c2dc3cdcb318c2cee57f499077d20416477b1f471a59e426

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:36 GMT
last-modified: Sat, 01 Dec 2018 09:55:47 GMT
server: AkamaiNetStorage
etag: "328a369069e38f5a9395f06b21ac00c3:1543658147.481247"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11556
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 9ba24c4ce80962cadcd65689d5e2bdfc_1617793010196_0.webp
static.clmbtech.com/ctn/62257/images/19/ Frame 75D4 23 KB
24 KB 9ms
8ms Image
image/webp 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clmbtech.com/ctn/62257/images/19/9ba24c4ce80962cadcd65689d5e2bdfc_1617793010196_0.webp
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d8bf02110e512521ed5beafe3c620ba0e9248b67453705e575062a292e785ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:36 GMT
last-modified: Wed, 07 Apr 2021 11:18:30 GMT
server: AkamaiNetStorage
etag: "66cf0a7341b6294c5a9256227ffa29bf:1617794310.292112"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23982
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 8a6031802eab3d8c3808311c0fbfe12c_1623931777049_0.webp
static.clmbtech.com/ctn/74721/images/19/ Frame 75D4 28 KB
29 KB 571ms
570ms Image
image/webp 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.clmbtech.com/ctn/74721/images/19/8a6031802eab3d8c3808311c0fbfe12c_1623931777049_0.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

ebeadf3af8c3448ac707fbc91e07b992455233a04af58eb7bb58f74070f10881

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "70de-5c4f775ffdcef"
vary: Accept-Encoding
content-length: 28917
cteonnt-length: 28894
last-modified: Thu, 17 Jun 2021 14:59:59 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 96ef7e4caaacdb05c895e9caa6c87a9f_1543656981665_0.jpg
static.clmbtech.com/ctn/27827/images/19/ Frame 75D4 10 KB
11 KB 15ms
14ms Image
image/jpeg 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clmbtech.com/ctn/27827/images/19/96ef7e4caaacdb05c895e9caa6c87a9f_1543656981665_0.jpg
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3b6f7fc716b1e889c5237d8c6e9dc883159fb90a4da68e87164c81b2d0cc5b96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:36 GMT
last-modified: Mon, 03 Dec 2018 04:22:39 GMT
server: AkamaiNetStorage
etag: "3cf6cbacd46442c8f287990db7647810:1543810959.696561"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10603
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 28e3c2aeadb50f48001bcb032eac64c6_1617793010189_0.webp
static.clmbtech.com/ctn/62257/images/19/ Frame 75D4 26 KB
26 KB 11ms
10ms Image
image/webp 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clmbtech.com/ctn/62257/images/19/28e3c2aeadb50f48001bcb032eac64c6_1617793010189_0.webp
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e52c420a3946400f4f6672c6b1fb9fb787525fda425de75bf9d8ca665ffd603

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:36 GMT
last-modified: Wed, 07 Apr 2021 11:18:11 GMT
server: AkamaiNetStorage
etag: "5fdee7a519818f0827c04f76e2960969:1617794291.524229"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 26642
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 8a6031802eab3d8c3808311c0fbfe12c_1623931613862_0.webp
static.clmbtech.com/ctn/74721/images/19/ Frame 75D4 25 KB
26 KB 394ms
393ms Image
image/webp 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.clmbtech.com/ctn/74721/images/19/8a6031802eab3d8c3808311c0fbfe12c_1623931613862_0.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

5cd703b5f97d3c27a3ef25e2aa94657ea8e85a7811e7a0c0dbfff4055625d399

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "659a-5c4f765e64877"
vary: Accept-Encoding
content-length: 26033
cteonnt-length: 26010
last-modified: Thu, 17 Jun 2021 14:55:29 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 22a9029311c6084f4494ea0ceec2e43d_1543656981702_0.jpg
static.clmbtech.com/ctn/27827/images/19/ Frame 75D4 14 KB
14 KB 16ms
15ms Image
image/jpeg 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.clmbtech.com/ctn/27827/images/19/22a9029311c6084f4494ea0ceec2e43d_1543656981702_0.jpg
Requested by: Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5048a3a11385a5574e12219f788865b35ea8e487e25efd2136061d3ef0593153

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:36 GMT
last-modified: Mon, 03 Dec 2018 04:28:08 GMT
server: AkamaiNetStorage
etag: "25d39654595500b066d5454401e7a87d:1543811288.658807"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13873
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 Colombia_Sponsored.png
static.clmbtech.com/ad/commons/colombiaonline/newlogo/ Frame 75D4 3 KB
3 KB 15ms
15ms Image
image/png 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.clmbtech.com/ad/commons/colombiaonline/newlogo/Colombia_Sponsored.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

0fc74c310962759fc0b52563c9518fb180d4b3572a5d33551fe0239b2b26a3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "c51-5b927e4a5af29"
ntcoent-length: 3153
vary: Accept-Encoding
content-length: 3176
last-modified: Mon, 18 Jan 2021 07:44:34 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=7776000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 18 Sep 2021 00:45:36 GMT

GET
H2 200 ProximaNova-Semibold.otf
static.clmbtech.com/timeslocal/font/ Frame 75D4 166 KB
72 KB 26ms
12ms Font
application/vnd.oasis.opendocument.formula-template 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.clmbtech.com/timeslocal/font/ProximaNova-Semibold.otf

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

a652723b126f31d704b027c90f36289492e0ec1f3e5ca211bd969bd545585ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://www.gadgetsnow.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "298b0-56e83885b28c0"
ntcoent-length: 170160
vary: Accept-Encoding
content-length: 73260
last-modified: Wed, 13 Jun 2018 10:34:51 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/vnd.oasis.opendocument.formula-template
access-control-allow-origin: *
cache-control: private, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 20 Jun 2022 00:45:36 GMT

GET
H2 200 ProximaNovaRegular.woff
static.clmbtech.com/timeslocal/font/ Frame 75D4 39 KB
40 KB 20ms
6ms Font
application/font-woff 2a02:26f0:64::214:84c1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.clmbtech.com/timeslocal/font/ProximaNovaRegular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /

Resource Hash

38077797b6b28a95558d87acddbd36f5b892d4d62ccbac9d58c0978ec2a14fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://www.gadgetsnow.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=157680000
content-encoding: gzip
etag: "9d2c-5653dbbe041c0"
vary: Accept-Encoding
content-length: 40136
cteonnt-length: 40236
last-modified: Thu, 15 Feb 2018 10:31:43 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
date: Sun, 20 Jun 2021 00:45:36 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: private, max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 20 Jun 2022 00:45:36 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CB13 2 KB
2 KB 41ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.gadgetsnow.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.gadgetsnow.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1802
set-cookie: uid=6976e5ae-6f57-41f0-ac70-b33e1348a193; expires=Mon, 20 Jun 2022 00:45:36 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Sun, 20 Jun 2021 00:45:35 GMT
content-length: 1129

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061703&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf010dc85e642cad6c9c3758fc3beacd29c94e12208b86a2b478d0925a629f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 00:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7944
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061703.js?31061501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 20 Jun 2021 00:45:36 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 717C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 19 Jun 2021 20:04:59 GMT
expires: Sun, 19 Jun 2022 20:04:59 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35D1 783 B
531 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4839d5909ab57eb5ce2e16c27ad9cc055fa81be17530524aed8d160fa075cb1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N3jderBROmaQX3GcGUqhOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gadgetsnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gadgetsnow.com/

Response headers

expires: Sun, 20 Jun 2021 00:45:36 GMT
date: Sun, 20 Jun 2021 00:45:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-N3jderBROmaQX3GcGUqhOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 717C 14 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 21:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 21:30:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061703&jk=1037050982062372&bg=!OTqlOn7NAAZktE7iZLQ7ACkAdvg8Wjj5IjnA1_tsrrD7M25aozHay2g0FuwJ2pur7iv1mP22Q3A2XQIAAABeUgAAAAhoAQcKAAOJkM6ZAnOAiC44wzSL-T1hDy_P9azqbMsJcdieQZvhrFhYxh_N7lV6K5sAv6vWxS4V1jDE8o5vgdm7asZ-M9q7A3ujKL4Xk8Ue73LzuHytOAr5rkr2ZUYCOLvNOn-5C5yBy_CFxfdEgIgrfvWSviDRciJXOpnR-T_Cjc2k0Eqxt4b4UbClvlAKG9P-9CB_Z9Y3WRbWZt-OAf10JUKuvacQXBcLR4X1Onf9DDqVCgQ5eraRQ9cvlskADn-5RaSrTlIzI-TCYOddMmXCdPuK3OPcvyqmoSPvnhAehNWulhEYS4xbMalK2hlDHT0P36YbpinEEhS0iZoQUyu3KYucagscvv0qx1xX021ET7xVVZ7ocvPRmheyj8MfiFDUFAKnZP7IuwWiexm2Lt3vMHbeHjDlGUpRPwFO3nCopFr2mPU4teR1cn1r7i3CCq8WegOXoAgTQb-4H0hCRPt_hYTzcFuu3e-vHnOdi3EuSflPkDpUdNTMDvK96kS_Etxs-65F_G3gH2eYX25BnyCFeZbIYL7yavQNR4oPvt51GxwTZW3iFLlq5b3cs3ZFmYNClOjb9qsU-G9rDhLws-dPkndhKQPrzkDDdgxlzQp1yxIpstt9lUiKjIepoIbsglF4vHP6-vAg1p94hfCH1Cd8S02mH98NjfFwFJoitqs1L4NE5SGW3x12RThL77kL61GTGuB_4YSFsB7EonHOygnLc874UK1bZKZNwYNbJq98YTqVVcnGVCvMvJFfQOiks4CZ0qOuwwXmdWgxcwXr0ypCkGXWYlNt_9qUp3dp3jeYXlFTmIdJ1-g_un6tPLVDDdTR9vNLIw0uTwrZSgUVdYQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5334 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQUMxXVg_WsElhNbO3em4gVFwnJagwnSWuoN07azmmlcKTjLHzzpiU596Cq4urMJkNWN9UTR86caB8xaEwyydh_ShMW76YrvD_nWfAfXRDzkbKJneqHFknzaWy2g&sai=AMfl-YQArNdS9IBL9SIXMJwjBr0kjxvI--f6zp3AvTcPoSkM3YyF0AAGvFqY-J049JeX-3WYmgO9YkgSzK4XSBF_1y8Cb6FlDWpgk4tBAbpKRw9H8N7p6TZqDHmYse4&sig=Cg0ArKJSzKHZtWKLvAS3EAE&cid=CAASPeRoxp6emT3xtPJFnfb01ZO-r9Jy56EM-xhgG_Kxikd-jyMxXc_A7YdxbprIFa0T6IbqtGQEr9h0wXFgz5I&id=lidar2&mcvt=1000&p=836,1046,1086,1346&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1432746157&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624149935310&dlt=70&rpt=64&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C75A 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0rPl8wHmlh3Q9-bFYb-haKo7n8MgKScg6aSKT4gOB5xSP1WcDQmZiovJWjicwpgBYWon-I9gV8YXH80KzuPOiRvEnOw0mxflH8FbJZP4ug0o0IYSc6qz5Vj2SHw&sai=AMfl-YTjUZXjnsMBwLk_vY2WucSlYQyTjtI0L2XOqHDLKXHMr6O2A3nIuCts1TDKB9h1numnU1bQUtA0cI1gGVHHznaDaJ7jN6OJ6s7TI2JfswwzdNyt-s4ziUaHj3I&sig=Cg0ArKJSzMRqqOpl40C2EAE&cid=CAASPeRoU_UfJSy2vPMUHx4RDUT9f4KEGJFTkADIlB1z0sTXI2Db2DIzCmyCy2VI_-tgIBMn3O0JqGqEnbMfFD4&id=ampim&o=412,197&d=776,200&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=233&tls=1234&g=100&h=100&tt=1234&r=v&avms=ampa&adk=2153144874

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 00:45:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ConsentForm~Login.94554f23.chunk.js Show response
www.gadgetsnow.com/gnassets/ 28 KB
6 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/ConsentForm~Login.94554f23.chunk.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/bootstrap.7ea5dfd9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0c27f39e63b2281979318b085d349e824b50f77e11b45da80024e8ad2de33bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/ConsentForm~Login.94554f23.chunk.js
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 6073
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402442
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:39:39 GMT

GET
H2 200 Login.875df049.chunk.js Show response
www.gadgetsnow.com/gnassets/ 42 KB
12 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/Login.875df049.chunk.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/bootstrap.7ea5dfd9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7ce5120dcc4b5108f17812883d21a0e141933cac05e52cfb149db47ac473051b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/Login.875df049.chunk.js
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 11850
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402979
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:48:36 GMT

GET
H2 200 WithNotificationCenter.c0432f69.chunk.js Show response
www.gadgetsnow.com/gnassets/ 18 KB
5 KB 15ms
15ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/WithNotificationCenter.c0432f69.chunk.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/bootstrap.7ea5dfd9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7d81fa5b27a455b0e768bdf1b3670c8a3ac4fec07fa99275f2dc1c7847fb8a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/WithNotificationCenter.c0432f69.chunk.js
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5220
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402357
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:38:14 GMT

GET
H2 200 Search.be25df9f.chunk.js Show response
www.gadgetsnow.com/gnassets/ 24 KB
6 KB 19ms
19ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/Search.be25df9f.chunk.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/bootstrap.7ea5dfd9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a05d368c51f3acc257c86c2822198da96a96dd2fb8b6fe61739b63e44ed29585

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/Search.be25df9f.chunk.js
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 6228
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402555
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:41:32 GMT

GET
H2 200 CountdownTimer.c20ca908.chunk.js Show response
www.gadgetsnow.com/gnassets/ 16 KB
5 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/gnassets/CountdownTimer.c20ca908.chunk.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/bootstrap.7ea5dfd9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d9967772f07dd428e43eddacbbd0b52dd175e4ee805c32afcc8a254cf4e7a016

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /gnassets/CountdownTimer.c20ca908.chunk.js
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5249
pragma: public
last-modified: Fri, 18 Jun 2021 11:37:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31402557
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sat, 18 Jun 2022 11:41:34 GMT

GET
H2 200 jsso_crosswalk_legacy_0.5.3.min.js Show response
jssocdn.indiatimes.com/crosswalk/ 19 KB
4 KB 31ms
10ms Script
application/javascript 2a02:26f0:6c00:199::3621
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.5.3.min.js

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/ConsentForm~Login.94554f23.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:199::3621 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

66015f899ffae6b37c228a51c4a140d61b592da1ac57497248afd033a762ee9c

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
x-cool: 88.34
content-length: 3975
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Jul 2020 09:03:05 GMT
server: nginx
x-frame-options: sameorigin
etag: "4a0d-5a9fe7e1736c3"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
cache-control: public, max-age=9921468
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr
expires: Tue, 12 Oct 2021 20:43:25 GMT

GET
H2 200 wdt_notifyjson.cms Show response
www.gadgetsnow.com/ 2 KB
1002 B 123ms
123ms XHR
application/json 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/wdt_notifyjson.cms

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1acf37f6856aa857db5597d001ed393aecb15d920e947c8b8dd1cfaba383ae03

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /wdt_notifyjson.cms
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: br
x-cool: 76.32
access-control-max-age: 86400
content-length: 652
content-msg: DATA_SERVED_FROM_CACHE
last-modified: Sun, 20 Jun 2021 00:35:38 GMT
server: nginx
strict-transport-security: max-age=86400
access-control-allow-methods: GET,POST
content-language: en-ZA
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=318
access-control-allow-credentials: false
content-type: application/json;charset=UTF-8
access-control-allow-headers: *
expires: Sun, 20 Jun 2021 00:50:55 GMT

GET
H2 200 json Show response
www.gadgetsnow.com/pwafeeds/gnow/web/list/search/ 2 KB
1 KB 129ms
129ms XHR
application/json 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/pwafeeds/gnow/web/list/search/json

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Express

Resource Hash

c1b75dd88c3b530221e7cfc1494384833053c5cdd9e5a2ef38356e02dd347d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pwafeeds/gnow/web/list/search/json
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Express
strict-transport-security: max-age=86400
vary: Accept-Encoding
content-length: 862
x-xss-protection: 1; mode=block
server: nginx
etag: W/"8f4-3EHT5cVZcTa7XDjl7cCmjaqzY6Q"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=238
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sun, 20 Jun 2021 00:49:35 GMT

GET
H2 200 81245133.cms
static.toiimg.com/photo/ 51 KB
20 KB 10ms
10ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/81245133.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

18e45783d358f056926deccd0f793803ce1da8f73ef04b17637ba6d7f7f4a160

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 52423
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=25180661
date: Sun, 20 Jun 2021 00:45:37 GMT
content-disposition: inline; filename=81245133.svg
appgn: 172248015101231618226580077
content-length: 20335
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 07 Apr 2022 11:23:18 GMT

GET
H2 200 json Show response
www.gadgetsnow.com/pwafeeds/gnow/web/common/countdownTimer/ 94 B
460 B 133ms
133ms XHR
application/json 2a02:26f0:6c00:1bb::3126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gadgetsnow.com/pwafeeds/gnow/web/common/countdownTimer/json

Requested by

Host: www.gadgetsnow.com
URL: https://www.gadgetsnow.com/gnassets/vendors.c635b01c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::3126 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Express

Resource Hash

67d4de01aa24e9acea6fcdad43f36a5f8d9c29bee2604bd9091735f594dbc701

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pwafeeds/gnow/web/common/countdownTimer/json
pragma: no-cache
cookie: _ga=GA1.2.1653738162.1624149934; _gid=GA1.2.1396178576.1624149934; geo_continent=EU; geo_country=DE; geo_region=HE; optout=1; _grx=eb812bab-b2ef-41ba-92c2-4c2f702d60e3; _grxs=0ffc1b23-9e06-4853-a6c5-f2acb61d2743; _gat=1; __gads=ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.gadgetsnow.com
referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
x-content-type-options: nosniff
x-powered-by: Express
strict-transport-security: max-age=86400
vary: Accept-Encoding
content-length: 94
x-xss-protection: 1; mode=block
server: nginx
etag: W/"5e-HUzkcGehHuxTJgILRMXgTkYf+eM"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Sun, 20 Jun 2021 00:50:37 GMT

POST
H2 200 loggedInUser Show response
jsso.indiatimes.com/sso/crossapp/identity/web/ 93 B
4 KB 144ms
132ms XHR
application/json 2a02:26f0:6c00::210:bb29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Requested by

Host: jssocdn.indiatimes.com
URL: https://jssocdn.indiatimes.com/crosswalk/jsso_crosswalk_legacy_0.5.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3d776ad05de09002667c34dcef93d81380cbdcb79c2b28c89da392152028d2a1

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

channel: gadgetsnow
csrfToken
sdkVersion: 0.5.3
content-type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
IsJssoCrosswalk: true
Referer: https://www.gadgetsnow.com/
tksec
platform: web
ssec
csut
gdpr

Response headers

date: Sun, 20 Jun 2021 00:45:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cool: 64.23
server-timing: cdn-cache; desc=MISS, edge; dur=116, origin; dur=4
content-length: 106
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: sameorigin
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gadgetsnow.com
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr

OPTIONS
H2 200 loggedInUser
jsso.indiatimes.com/sso/crossapp/identity/web/ Frame 0
0 142ms
128ms Preflight 2a02:26f0:6c00::210:bb29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://jsso.indiatimes.com/sso/crossapp/identity/web/loggedInUser

Protocol

Server

2a02:26f0:6c00::210:bb29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channel,content-type,csrftoken,csut,gdpr,isjssocrosswalk,platform,sdkversion,ssec,tksec
Origin: https://www.gadgetsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-length: 0
access-control-allow-origin: https://www.gadgetsnow.com
access-control-expose-headers: csrfToken,ssec,tksec,csut,gdpr
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-cool: 64.23
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
date: Sun, 20 Jun 2021 00:45:37 GMT
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, content-type, method, IsJssoCrosswalk,channel, ssec, tksec, ticketId, platform, sdkVersion, csrfToken, csut, gdpr
access-control-allow-methods: GET,POST,OPTIONS

GET
H2 200 81245133.cms
static.toiimg.com/photo/ 51 KB
20 KB 10ms
10ms Image
image/svg+xml 2a02:26f0:6c00:1ab::216f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.toiimg.com/photo/81245133.cms

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:1ab::216f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

18e45783d358f056926deccd0f793803ce1da8f73ef04b17637ba6d7f7f4a160

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains, max-age=25920000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
server: nginx
etag: 52423
vary: Accept-Encoding
content-type: image/svg+xml
imagemagick_im4java: 1
cache-control: max-age=25180661
date: Sun, 20 Jun 2021 00:45:37 GMT
content-disposition: inline; filename=81245133.svg
appgn: 172248015101231618226580077
content-length: 20335
x-xss-protection: 1; mode=block, 1; mode=block
expires: Thu, 07 Apr 2022 11:23:18 GMT

POST
H2 202 track Show response
api.growthrx.in/v2/ 42 B
139 B 167ms
167ms Fetch
application/json 2a02:26f0:7100:290::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.growthrx.in/v2/track
Requested by: Host: static.growthrx.in
URL: https://static.growthrx.in/js/v2/web-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:290::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8719d96c77f887ea9b3b139dce98f0b2aa072ab557fc0ac24f9466dc7b3f3d2a

Request headers

Accept: application/json
Referer: https://www.gadgetsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sentAt: 1624149939656
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 20 Jun 2021 00:45:39 GMT
server: nginx
content-length: 42
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 track
api.growthrx.in/v2/ Frame 0
0 159ms
139ms Preflight 2a02:26f0:7100:290::2a5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growthrx.in/v2/track

Protocol

Server

2a02:26f0:7100:290::2a5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sentat
Origin: https://www.gadgetsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type, sentat
access-control-max-age: 31536000
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-frame-options: sameorigin
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
date: Sun, 20 Jun 2021 00:45:39 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openx.net/	1970-01-19 19:30:45	Name: pd Value: v2\|1624149934\|kigqiysLommOgevNgunsn0gi
www.gadgetsnow.com/	1970-01-19 19:10:36	Name: geo_continent Value: EU
.openx.net/	1970-01-20 03:54:45	Name: i Value: dc561636-d4d8-02e1-0d2f-d833335c712f\|1624149934
.gadgetsnow.com/	1970-01-19 19:09:09	Name: _gat Value: 1
www.gadgetsnow.com/	1970-01-19 19:10:36	Name: geo_country Value: DE
.gadgetsnow.com/	1970-01-20 03:54:45	Name: optout Value: 1
.gadgetsnow.com/	1970-01-20 04:30:45	Name: __gads Value: ID=262d4c9545fdb760:T=1624149934:S=ALNI_Mbzk4QBIGi1ltdwtu6OeE_kUKLsGA
.gadgetsnow.com/	1970-01-19 19:09:11	Name: _grxs Value: 0ffc1b23-9e06-4853-a6c5-f2acb61d2743
.doubleclick.net/	1970-01-20 04:30:45	Name: IDE Value: AHWqTUmqxFmdhl50Hskuk3AAytjZNa4BU8dtUOzLFg__whq66rUX4c4zSNLV08-ZMgg
.doubleclick.net/	1970-01-19 19:09:13	Name: DSID Value: NO_DATA
.gadgetsnow.com/	1970-01-20 12:40:21	Name: _grx Value: eb812bab-b2ef-41ba-92c2-4c2f702d60e3
www.gadgetsnow.com/	1970-01-19 19:13:29	Name: geo_region Value: HE
.gadgetsnow.com/	1970-01-19 19:10:36	Name: _gid Value: GA1.2.1396178576.1624149934
.gadgetsnow.com/	1970-01-20 12:40:21	Name: _ga Value: GA1.2.1653738162.1624149934

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VV-2Th4P9pmpW4wP3Fd3Nz4qWW2sbCLr4t0NC0N2qdv0J5kbT5V3Zsc37CgLNHW2vb8Ld7kWTLDW6MDclY4MBJGRW4k3Plp2yZtrqN6RD0k1mx1zMW8wjQVz18P584W99Qr0K60zNP3W2J7DCR4NlZBFW4vzHz-8GDLxQW4t3Hqt7lF7h4W8jcL0N1cpDc-W6tvMjY5qkQznW2sNk4P60rgC4W7M8gPt3SgGZjW5vq5m74MSgckW12H1mz8ZgpqNW49jZym6fJhDjN8pkYHXfwW7wW20vWQ26H9ccVW825qk-3vMFS1W3FgdRC7ggg6sW6rtW7L39H2gXW4sGlmX65kq11W33166B7xk4hGW8rkJm75Nfc8qW6RrYJ-2c0XrtW3_4hLd9gQgmrVqTP1l2gQKLyW6ypr_p2TWNJWW8yDxwz5HbJr9W3kWwjv72t4HLW7KH8-06PkztYW7N749Z8jPR1l3fv_1(Line 13) Message: toS
console-api	log	URL: https://www.gadgetsnow.com/gnassets/slideshow_desktop.34a1c879.chunk.js(Line 1) Message: This browser does not support notifications!
console-api	info	URL: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2106141722000 https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
console-api	info	URL: https://cdn.ampproject.org/rtv/032106141722000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2106141722000 https://www.gadgetsnow.com/slideshows/joker-virus-continues-to-haunt-google-found-in-these-8-android-apps/photolist/83657428.cms?utm_medium=email&_hsmi=134933880&_hsenc=p2ANqtz-_caMDlNPa9T3VAdZG6EtEIUK-tCrUs490sagBp7QWy7kkfdnWGkJtppl4Xzu7OEZkC2gOTTbZNR88Fp2WQkwXKUAD0MA&utm_content=134933880&utm_source=hs_email
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6212998800990712918/js/script.js(Line 56) Message: 11750

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d7d17c99e5e48abe287ee26cb36c558.safeframe.googlesyndication.com
ade.clmbtech.com
adservice.google.com
adservice.google.de
agi-static.indiatimes.com
api.growthrx.in
as-sec.casalemedia.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
dsp.nrich.ai
eu-u.openx.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
geoapi.indiatimes.com
go.recordedfuture.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hb.undertone.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
js-sec.indexww.com
jsso.indiatimes.com
jssocdn.indiatimes.com
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
pixel.quantserve.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
r.scoota.co
rtb-csync.smartadserver.com
rtb.openx.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.clmbtech.com
static.criteo.net
static.growthrx.in
static.toiimg.com
stats.g.doubleclick.net
sync.mathtag.com
timesinternet-d.openx.net
toiassets.indiatimes.com
tpc.googlesyndication.com
us-u.openx.net
www.gadgetsnow.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.248.242.197
142.250.184.226
178.250.0.165
18.193.131.224
185.29.135.234
185.64.189.110
185.86.139.113
198.148.27.139
2.18.234.21
216.58.212.130
23.37.38.181
2606:2c40::c73c:6702
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:64::214:84c1
2a02:26f0:64::214:84d2
2a02:26f0:6c00:193::216f
2a02:26f0:6c00:199::3621
2a02:26f0:6c00:1ab::216f
2a02:26f0:6c00:1bb::3126
2a02:26f0:6c00:28a::2a5b
2a02:26f0:6c00::210:bb29
2a02:26f0:7100:290::2a5b
2a02:26f0:7100:292::3857
34.98.64.218
35.156.10.121
35.157.221.90
35.210.53.219
35.227.252.103
37.157.4.23
37.252.173.27
47.252.78.131
51.68.39.188
52.17.35.107
52.209.246.140
65.9.77.25
65.9.77.30
00a76d8b41107a03edfbb4d347b6fcfe31e7764a8393a36f90e0275c019fef01
0577adc4d9d215fab8ad9b9f17ce6d44953b9a1a20f4ed14f10b156c530b4a0a
05812a62ca57738621bfb35174e877ac4dec5859d92c36c22b17f37d2b73cad8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c27f39e63b2281979318b085d349e824b50f77e11b45da80024e8ad2de33bda
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9
0e52c420a3946400f4f6672c6b1fb9fb787525fda425de75bf9d8ca665ffd603
0f1f1197ed9dc48530d98355a97ac67d2199fd89346141e954bc57673034d510
0f78117c0d87089da7e17d9a4d8a2eda06833fdf7aff257da6ddb2b1aa328e7a
0fc74c310962759fc0b52563c9518fb180d4b3572a5d33551fe0239b2b26a3bc
1004a7c69c7fd163736704cf3cdb7828f96b8c430b79935e4ad6992cbb33f2ac
1019d4536ff56f5984458a45ec1dd3fe32d83ec5cecb8ce9b0c675fed7330b53
115abb17d6418139d2f72ebe7bbe6f5d7bf07afd9d3bd33e9ef211ffa0afdfc6
1275f5002f1fb5418de69bba40d0be4b9613e7aa418ee1e4944fe3d3dc3040ff
12dc37fb4fcc5fd9cda6a7ba9ff5a96c140ec8bac8e1301c4612c1ca34a2d634
15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1882298b946e3fc54f194fcee9eb919b48565b41db5a60bb9334b1d44c469144
18e45783d358f056926deccd0f793803ce1da8f73ef04b17637ba6d7f7f4a160
1acf37f6856aa857db5597d001ed393aecb15d920e947c8b8dd1cfaba383ae03
1dd79afca7d3ccc2ba879dc8650f7483d21bc71c58ad21951f8d142bee85842e
1ef5da18f8b87352f7274273f3a801336d73b18dd24bff1a4633fabe73bcb363
1f43ad8d6eeb0cffee997b84e2c5b66191836673a3e73c98dbb23bd4298197e8
1f4be34c8eb670c540cb18ab7c4a313e91fa50814c2fc55d31354ab18e83852b
253f7cac12ef934cdfe9f36246cf7dfefc2ca047e900803cdc5ddb72e19ab96a
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2ae54bd23649cebf351c4bb07cd8cc4727e8943597baa7ebaf61eaa2712a29b1
2bf9a5b8883eafc3205d36687ebfaa7dcd90acb6119540c76015114d8e0c3870
2c8289dbe1f262e60bd56c53cd3f905b2b6527e0dfa017e612663f6e4ef76d0e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d8bf02110e512521ed5beafe3c620ba0e9248b67453705e575062a292e785ca
304ba4b3313021da979c9dd51fb4cefa3eda0b1be3c9513602cee8a3f4bd0f5a
309d93da58ec9b2f902bd0e85f6eda0ff14ad458b308c5effd6590131f63994c
325fbe49f3d8d0d8f7396a1747f48b6e13405ce8533844044b1646715018f269
34990e6c71b076479eab373cc9903c82c11e7ae4e928a47a4f951f8fbf447bbd
34d1734ffada534ddcd84409527f77499626f6577c10e0a76e35e8de8944bff3
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
362cc64442f923db7ce8e3da84fe3f3f88d2dc882d43a9388aebd600d36ca45b
38077797b6b28a95558d87acddbd36f5b892d4d62ccbac9d58c0978ec2a14fb2
3b18e345edc892437ad4bc2545e71dfe96f8871be788026d695e215e609010e8
3b6f7fc716b1e889c5237d8c6e9dc883159fb90a4da68e87164c81b2d0cc5b96
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3d776ad05de09002667c34dcef93d81380cbdcb79c2b28c89da392152028d2a1
3f00b922b10840aa87582be564f52d73fdc3afbcadff9900f25d5cf26189b982
42dec028978d0ffc2c15bb09507c878590365de86850e6661c271fd663ec2d2f
44eb57b314c5a2db3b46e1733c8d5613dca04fc9c8def433ecfd735d3c72261a
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
460243b37dc54425f7104fa2a1dd78712437bd85d61a0d10fdbc60cd77732ccc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5048a3a11385a5574e12219f788865b35ea8e487e25efd2136061d3ef0593153
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
53e84c34cc73de54bd74686dda62e36941bd93aec206c032cce3b0b5f23a881e
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55ef4a4c84f9fefce76f5d2327f735ed89dbc16726a64c1d84cb1be4220fdb99
5799af653d0bcb14b127d69041b1b5e8b5cd6bb58ccada5ea22f3abd4295a1ae
5cd703b5f97d3c27a3ef25e2aa94657ea8e85a7811e7a0c0dbfff4055625d399
5e768c0b00ea9f81b1effbd05369928647dad333e67f7d9c9eacbfce05e46009
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f8c58b0979e4c89f082e36bc2bf1fe8ec162a07307fc6d80b3c6da7f0fe4567
66015f899ffae6b37c228a51c4a140d61b592da1ac57497248afd033a762ee9c
67d4de01aa24e9acea6fcdad43f36a5f8d9c29bee2604bd9091735f594dbc701
6c29a79406d965fdece620d1039834481a5f7346d722f592cc97d414505191af
70f4e273823a57e09e249e639b08f07f7e6ac91c7c57276a7fc51924dd357f3a
73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
7ce5120dcc4b5108f17812883d21a0e141933cac05e52cfb149db47ac473051b
7d81fa5b27a455b0e768bdf1b3670c8a3ac4fec07fa99275f2dc1c7847fb8a2c
7e942ed58479f7e42d27a357f91f41438f4b1dbd95b44f93bfc146e877dffdc2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
816c1eebe720fccc09d76d4f239838516a1c65831c00af3586a59ed253239119
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836dbbf520754fa99c85f9dadf9702e183e88f575d6977625b5d7167993f393e
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860f4c80a9fc666221a2ae804ccf758683a1318f25a580281587ce70c1f59c11
8719d96c77f887ea9b3b139dce98f0b2aa072ab557fc0ac24f9466dc7b3f3d2a
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
87b242d3d1d01f701bc702a17a466721b23595794511add0c9160180127ab1f9
88d500c0d33f72c554b487194ee3154b5d440fccec738707db1ed6eeb5fcf0c8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fad734f6a14e2a0e70b09ef077a354d1e858bd9c2618acfd34e073b15238b38
93f69861694364b70815444082770b6ffb3e5c21f6d94b4c8deb39a6228e8329
957a350dbc16b9aab51e0b7f7238eb63c2886ae0aec8995172df99cd55248f0d
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
96f263aa48bae522229135546429df533ae8e81e5991e145b7ac4254a6be4841
98998e51489b6a9be3288625cb3d4e5c1e3f96abec878ec072b37b3d911bbfc1
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
9a558f4172f04c1e49a56918866798aa055257215f58f7ed352ff285a035e61f
9ac3d5c3304b0bea0841274d96097a2ce348bc46e544499ef4e9803211816638
9dbbab3282033766ea84602f0d689a7fc012f0902a15e541be8de3198258e7f2
a05d368c51f3acc257c86c2822198da96a96dd2fb8b6fe61739b63e44ed29585
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2a2ee44f4c97741eb4e4e146e5693a127e82d6bda3449c30f6aa76755a82877
a4737c330e180a3f59396d37eaa641181a86e3fbc812129fcf7c9bdbe3584de5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c277a09a1c34323d0f277fb4fefb1cf8ce789e72cbe6abc5b8a1a37a2069ca
a652723b126f31d704b027c90f36289492e0ec1f3e5ca211bd969bd545585ed8
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a804b6b68765ae93fcd09050d1dd8aaa096643f65f1b6efa72957414a801f2bc
a9ceef19064096edd59fb59d5aba5f6a5a990cf44e47d61ac0e0ed0979cca361
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
acc7c5a5798e2d25d7902f84188a4044b8b495646ddec8bbb2c0ee6d422bfdce
ae6e2d22cdc191bfde8a40e3cc261fb4064011eb0bb4815064929469c9b43142
ae9169f426aa7925b0fd20a3a513921481d75aa25b1be39ad4106f1ebb0cd203
af3ecf4b1d4d507da67985812f69cbcc5c7d57edc7792e4c01fcb5dd6e04a46a
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221
b71947e88881d359d037dc5849bc00caa7b3005b0dfa7b2c68ea0791dbce80a2
bcd32d026525fd11f6e6cbdbd3b7c7f6f85655eda2d368cc4a6d5d030fd1749b
bf010dc85e642cad6c9c3758fc3beacd29c94e12208b86a2b478d0925a629f4e
c1b75dd88c3b530221e7cfc1494384833053c5cdd9e5a2ef38356e02dd347d0e
c666ce1a6c36a90661b63166f90a7f9b68ca763d54feabeee914f2d4c443a4a2
ca3e5c4640f019e2c2dc3cdcb318c2cee57f499077d20416477b1f471a59e426
ca573b49b9a2a6e50e565e3c8c10fed1c921f9a5f33c3d899c6c1a96c397253e
cab0d0e3774e71adf242faca602003116fb108995d0d5e285027b05fe12ce3d2
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d2db81b4ede1bbf677baeb4287ea49e10f40cdd919964b14dc07490d970fa219
d4249f031fa8d4ad2c62ccaee68f209d34543a6d26da49d289a9a4032d2f25ea
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9967772f07dd428e43eddacbbd0b52dd175e4ee805c32afcc8a254cf4e7a016
dd0e89dd40929300c6131c15452ca4d4ad76deb8646102974fa8768ec582694c
ddb74183b6e56425f5266cfb6cb12d14b4fb81e96a4adedd1ab98974d4a930bd
de4b635b0406bc82361620df0970fa5a3fd4585484c6a7c7fa220c18d7ad26ed
de4b846f289a63be3f3310afd5bc823396b1ece130838e5e36c8e74cae55b369
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df9404be19452ce521650142b064789268ea2ae71252a522f24aacd795f9c1ae
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e4839d5909ab57eb5ce2e16c27ad9cc055fa81be17530524aed8d160fa075cb1
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8bf40ec9a61ab06f066c8e7dbcf4b16d9ff3d4d96d1b2babe0ff9cf71c1b413
ebeadf3af8c3448ac707fbc91e07b992455233a04af58eb7bb58f74070f10881
ecdc50d52c709dcee691a38026d3fd60a962e65db82c697ebdc2d0e23bff66fb
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef00aea52a5f5ce1843747529a4f5eb50a4c4dbcc174e31ad5b3a7f75d8ca283
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b44004f887b842b12ea54876b75b5f8d06ce31745fe245b4caffe6b2df73fb
f5e7579319c1019f19752e7f9d855307d3bef02ec7b57e7b1b0bc549ea697b5b
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
fcd62eee1df598b504601fe6635c969e534ee8b37665f31e26cda30a9f0b7532

www.gadgetsnow.com Open in urlscan Pro 2a02:26f0:6c00:1bb::3126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

297 Requests

100 %HTTPS

58 %IPv6

39 Domains

58 Subdomains

46 IPs

7 Countries

2453 kBTransfer

6099 kBSize

14 Cookies

23 Outgoing links

Page URL History

Redirected requests

297 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gadgetsnow.com Open in urlscan Pro
2a02:26f0:6c00:1bb::3126 Public Scan

Screenshot
Live screenshot

Full Image

297
Requests

100 %
HTTPS

58 %
IPv6

39
Domains

58
Subdomains

46
IPs

7
Countries

2453 kB
Transfer

6099 kB
Size

14
Cookies

297 HTTP transactions
8 data transactions