URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26...
Submission: On March 31 via manual from CA

Summary

This website contacted 24 IPs in 5 countries across 32 domains to perform 75 HTTP transactions. The main IP is 151.101.194.166, located in United States and belongs to FASTLY, US. The main domain is gizmodo.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on November 25th 2020. Valid for: 5 months.
This is the only time gizmodo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
44 151.101.194.166 54113 (FASTLY)
1 184.51.9.98 16625 (AKAMAI-AS)
7 13.226.159.39 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.232.198.217 54113 (FASTLY)
2 13.226.158.204 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 23.37.53.17 16625 (AKAMAI-AS)
1 13.225.74.44 16509 (AMAZON-02)
1 52.30.177.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 151.101.14.137 54113 (FASTLY)
1 151.101.194.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.162.134.165 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
1 52.17.101.63 16509 (AMAZON-02)
1 35.201.100.179 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.194.60.203 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.230.142.21 14618 (AMAZON-AES)
75 24
Requests | Domain | Requested by
16 | gizmodo.com | gizmodo.com, x.kinja-static.com
12 | x.kinja-static.com | gizmodo.com, x.kinja-static.com
7 | cdn.privacy-mgmt.com | gizmodo.com, cdn.privacy-mgmt.com
4 | f.kinja-static.com | gizmodo.com
3 | sb.scorecardresearch.com (1 redirects) | gizmodo.com
2 | c.amazon-adsystem.com | gizmodo.com, x.kinja-static.com
2 | www.google-analytics.com | gizmodo.com, x.kinja-static.com
1 | g-omedia.com | gizmodo.com
1 | www.google.de | gizmodo.com
1 | www.google.com | gizmodo.com
1 | stats.g.doubleclick.net | x.kinja-static.com
1 | ping.chartbeat.net | gizmodo.com
1 | connect.scroll.com | x.kinja-static.com
1 | match.adsrvr.org | x.kinja-static.com
1 | api.rlcdn.com | x.kinja-static.com
1 | idx.liadm.com | x.kinja-static.com
1 | ampcid.google.de | x.kinja-static.com
1 | kinjadeals.theinventory.com | x.kinja-static.com
1 | thetakeout.com | x.kinja-static.com
1 | theonion.com | x.kinja-static.com
1 | theinventory.com | x.kinja-static.com
1 | avclub.com | x.kinja-static.com
1 | theroot.com | x.kinja-static.com
1 | lifehacker.com | x.kinja-static.com
1 | kotaku.com | x.kinja-static.com
1 | jezebel.com | x.kinja-static.com
1 | jalopnik.com | x.kinja-static.com
1 | deadspin.com | x.kinja-static.com
1 | cds.connatix.com | gizmodo.com
1 | cd.connatix.com (1 redirects) |
1 | ampcid.google.com | www.google-analytics.com
1 | insight.adsrvr.org | gizmodo.com
1 | cdn.britepool.com | gizmodo.com
1 | btloader.com | gizmodo.com
1 | kinja-com.videoplayerhub.com (1 redirects) |
1 | static.chartbeat.com | gizmodo.com
1 | static.scroll.com | gizmodo.com
1 | kinja.com | gizmodo.com
1 | js-sec.indexww.com | gizmodo.com
75 39
Subject | Issuer | Validity | Valid
univision.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-11-25 - 2021-04-20 | 5 months
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year
*.privacy-mgmt.com | R3 | 2021-02-03 - 2021-05-04 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
*.scroll.com | R3 | 2021-03-03 - 2021-06-01 | 3 months
c.amazon-adsystem.com | Amazon | 2020-08-04 - 2021-08-02 | a year
*.chartbeat.com | Thawte RSA CA 2018 | 2020-06-01 - 2021-06-02 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-06 - 2021-10-06 | a year
sb.scorecardresearch.com | DigiCert Secure Site ECC CA-1 | 2020-07-17 - 2021-06-02 | a year
cdn.britepool.com | Amazon | 2020-05-13 - 2021-06-13 | a year
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2019-03-07 - 2021-04-19 | 2 years
*.google.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
*.connatix.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-29 - 2021-10-19 | a year
*.google.de | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
*.liadm.com | Amazon | 2020-11-30 - 2021-12-29 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
*.chartbeat.net | Thawte RSA CA 2018 | 2020-12-01 - 2021-12-30 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
www.google.com | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
www.google.de | GTS CA 1O1 | 2021-03-11 - 2021-06-03 | 3 months
g-omedia.com | Amazon | 2020-05-05 - 2021-06-05 | a year

This page contains 14 frames:

Primary Page: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Frame ID: 2019D08100CFEE73535AD95E5BE632AA
Requests: 57 HTTP requests in this frame

Frame: https://deadspin.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: A0295ABEBECFCC2F5746CEE75CA96C07
Requests: 1 HTTP requests in this frame

Frame: https://gizmodo.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 2A30FD73AA2FE6B66C8A05A6A3EC3D21
Requests: 1 HTTP requests in this frame

Frame: https://jalopnik.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 8EE81FD5DE5D3069759F875399B408E0
Requests: 1 HTTP requests in this frame

Frame: https://jezebel.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: E664DE9E9C96B71BBBE2571EDF8A9A42
Requests: 1 HTTP requests in this frame

Frame: https://kotaku.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 12D8785D28899622A282F255F3624AA9
Requests: 1 HTTP requests in this frame

Frame: https://lifehacker.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 392D5A07D94708447EFEA53E45B21B6F
Requests: 1 HTTP requests in this frame

Frame: https://theroot.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 000EAB49785C73D40D008CB33722E9F4
Requests: 1 HTTP requests in this frame

Frame: https://avclub.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 016FCAC8AB48DEDF63674CB80CC0248C
Requests: 1 HTTP requests in this frame

Frame: https://theinventory.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 33E39BB6A349FC78FCA2A4E93197DE10
Requests: 1 HTTP requests in this frame

Frame: https://theonion.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 41D4469D5443D2D05867C88CE9049AB3
Requests: 1 HTTP requests in this frame

Frame: https://thetakeout.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 4E9CDDEF4534671703838D2D72F4ACCE
Requests: 1 HTTP requests in this frame

Frame: https://kinjadeals.theinventory.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Frame ID: 329319C8C5D23F4443C3C2CB10F178C9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
Frame ID: A46741909F07C73F45AD2D258DAB7223
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

Requests: 75
HTTPS: 100 %
IPv6: 38 %
Domains: 32
Subdomains: 39
IPs: 24
Countries: 5
Transfer: 935 kB
Size: 3476 kB
Cookies: 29

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=kinja-com&upapi=true
Request Chain 41
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/110783/connatix.playspace.dc.js
Request Chain 56
  • https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1617205572038&ns_c=UTF-8&cv=3.5&c8=Kinja&c7=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1617205572038&ns_c=UTF-8&cv=3.5&c8=Kinja&c7=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop&c9=&cs_ak_ss=1

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
gizmodo.com/
112 KB
25 KB
Document
General
Full URL
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
ea7c4d41f9a8d8d125a029edce55590889b5d128e9c56bd5c349fdc03be4c320
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
gizmodo.com
:scheme
https
:path
/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

x-powered-by
Express
x-kinja
kinja-magma-kube02-cb55f955d-6zrlc #2589
x-kinja-revision
5e37fadf86de3c617680566e646d5ca188f950f8
x-kinja-server
kinja-magma-kube02-cb55f955d-6zrlc
x-kinja-build
2589
cache-control
stale-if-error=86400, stale-while-revalidate=300
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-googlenews-bot
false
content-type
text/html; charset=utf-8
etag
W/"1bedd-tSUXcnLY+QMuOQj4pIcURaDS2CY"
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-cdn-fetch
mantle-default
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:11 GMT
age
0
x-served-by
cache-bwi5161-BWI, cache-hhn4020-HHN
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1617205572.529620,VS0,VE161
x-ua-device
desktop
set-cookie
geocc=DE;path=/; KinjaBucket=2;path=/;Max-Age=31536000;domain=gizmodo.com;SameSite=None;Secure; KinjaSetBucket=2|1617205500|47xqw7l8oIucEHMxlx/46g/hiPvFM4mhXU0bFGSjCUo=;path=/;Max-Age=300;SameSite=None;Secure;
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, Cookie, X-GoogleNews-Bot, X-Kinja-WelcomeAdLoadedV1, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-Kinja-GDPR, X-Kinja-CCPA, Authorization
content-length
22497
proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/
27 KB
28 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://gizmodo.com
Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
84
x-cache
HIT
content-length
28044
x-amz-id-2
WHVmXzW3wmSV4nSaJ+EBZYnjRDj052jMd5ISuFXE3eYoDx4a6puwSlzIjYMQ0BsTznf2Y71HR+c=
x-served-by
cache-hhn4047-HHN
last-modified
Thu, 11 Mar 2021 17:16:21 GMT
server
AmazonS3
x-timer
S1617205572.775549,VS0,VE0
etag
"94cbaf403b2922fd6858c812dae091fb"
x-amz-request-id
MSBQSDCFY6C67A2J
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
2
proxima_nova_cond_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/
30 KB
30 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg_it-webfont.woff2?08252015
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://gizmodo.com
Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
51
x-cache
HIT
content-length
30416
x-amz-id-2
43PUIggXQ3THn+ySDoJEPD5GhGJLRnvIElnWFAOHcjMzeIOTwkiVLIt768pmePjcNQgr20+eF1g=
x-served-by
cache-hhn4047-HHN
last-modified
Thu, 04 Mar 2021 19:19:03 GMT
server
AmazonS3
x-timer
S1617205572.775538,VS0,VE0
etag
"bea38ea36d2aba1d5da6e8f842425e40"
x-amz-request-id
H8ZE83WWCY7NJB2P
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
2
proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/
27 KB
28 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://gizmodo.com
Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
84
x-cache
HIT
content-length
28136
x-amz-id-2
som84q+d3ZyCN6eeD+KtWqtTVt+CsbVhyiAZVqfOj+kzKXk1PPHslgwc26GrP5pX398QuLViNVc=
x-served-by
cache-hhn4047-HHN
last-modified
Fri, 19 Mar 2021 12:39:17 GMT
server
AmazonS3
x-timer
S1617205572.775528,VS0,VE0
etag
"7ac1e4b7ab03f256e831e00e3b5618a6"
x-amz-request-id
D05B551GGW2BT5T0
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
2
proxima_nova_cond_sbold_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/
30 KB
30 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://gizmodo.com
Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
20
x-cache
HIT
content-length
30232
x-amz-id-2
jLELMcmC5unxwSLusU2pvU3wzAnSV4rwVP/pHBd6D4uFcEZ1MK77ZoDL1x1JHLoflY7r1f46Lnk=
x-served-by
cache-hhn4047-HHN
last-modified
Wed, 03 Mar 2021 19:54:02 GMT
server
AmazonS3
x-timer
S1617205572.775575,VS0,VE1
etag
"6d0ce198b25710fd5d0a2c0fb863b22c"
x-amz-request-id
M6TTV2469BCPP39G
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
1
183957-47751755686051.js
js-sec.indexww.com/ht/p/
47 KB
16 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 15:46:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 14:45:18 GMT
Server
Apache
ETag
"9031c9-bde7-5bed629e43df1"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=178
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
15802
Expires
Wed, 31 Mar 2021 15:49:09 GMT
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/
151 KB
44 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acea44b7167f5a9cc4ed95bf4cb6cf8d8feefebaf1a1cedb02a8a8caf1b1e715

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 21:07:41 GMT
server
AmazonS3
age
2294
etag
W/"8073094d2add7dd857b75129d94e1d56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 31 Mar 2021 15:07:58 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
8QfIw9WcD6sjF87TCeqfUmGWM_xRSD87DsTQsAbKcFwU73Svsuj7Fg==
accountwithtoken
kinja.com/api/profile/
197 B
1 KB
Script
General
Full URL
https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbf0ba1784f42772f34d21d8cd0828b09544115f10c59019ccd9c1b2ab75bb44
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-cache
MISS, MISS
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device
desktop
x-cdn-fetch
mantle-setcookie
content-length
194
x-xss-protection
1; mode=block
x-served-by
cache-bwi5162-BWI, cache-hhn4020-HHN
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1617205572.776320,VS0,VE89
x-frame-options
DENY
date
Wed, 31 Mar 2021 15:46:11 GMT
vary
Accept-Encoding,Origin
content-type
application/javascript; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-cache-hits
0, 0
runtime~trackers.498411aa4bbcdbcc5e0b.js
gizmodo.com/x-kinja-static/assets/new-client/
3 KB
1 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/runtime~trackers.498411aa4bbcdbcc5e0b.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28401c718fef70dedbe8cc9b6a4b8d2728345b31a0e32eccf65cfe73e3ca0e61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1770406
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
1094
x-amz-id-2
goZ6yxYsIFIrteQ23Ca+jeiRu7QJvsZT5mvW8sD9r1FYXi0JzKoXPEJGWKdJNcvhbqTbRJ+OXSM=
x-served-by
cache-hhn4058-HHN, cache-hhn4020-HHN
last-modified
Wed, 10 Mar 2021 18:49:22 GMT
server
AmazonS3
x-timer
S1617205572.691804,VS0,VE0
etag
"50bc3baa3cc482f6143bad4441cb7613"
vary
Accept-Encoding, Authorization
x-amz-request-id
13ZAN5R5EAA3JBY1
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2, 533
vendors~adEditor~adManager~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~~531f1f9a.7c6912e94d95ed76f886.js
gizmodo.com/x-kinja-static/assets/new-client/
8 KB
3 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~~531f1f9a.7c6912e94d95ed76f886.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1644f5a080fb3782837169e1612393ec98a0bf7819fd81242506dbdd676125c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
170466
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2604
x-amz-id-2
d6lYwNdj1doOCT5IiKO47DrF2LZRn43z1RLEHLW54mUJf9iIXNUvV56hZZQGKL6Q2jXBb+KDIi4=
x-served-by
cache-fra19120-FRA, cache-hhn4020-HHN
last-modified
Fri, 26 Mar 2021 13:15:19 GMT
server
AmazonS3
x-timer
S1617205572.691369,VS0,VE0
etag
"400a7fa90e7b4b0b5b028a1b45b6d04c"
vary
Accept-Encoding, Authorization
x-amz-request-id
V6NFZ989J85D7GY6
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 563
vendors~adEditor~adManager~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~~7993ca9e.16be09672e005f5dba1d.js
gizmodo.com/x-kinja-static/assets/new-client/
154 KB
43 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~~7993ca9e.16be09672e005f5dba1d.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ded35b1d277c9b9827d088311e566bb9ad37a3bd52953580e2a83fb12afe200
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1196546
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
43710
x-amz-id-2
8rJwCVvQhVwlztjRGBxlonO4uszeAxxETwjBJzGgaVzLyn5DR+qA3trKiHyr93C7A+w4cclyGQk=
x-served-by
cache-hhn4062-HHN, cache-hhn4020-HHN
last-modified
Wed, 17 Mar 2021 19:18:50 GMT
server
AmazonS3
x-timer
S1617205572.691360,VS0,VE0
etag
"06efb93572b5790e0a6e312935188ffa"
vary
Accept-Encoding, Authorization
x-amz-request-id
GYNECWP2HADTM0SE
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 556
vendors~adEditor~adManager~ads~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~~bcafd0e4.0c5049fe8b3ddc9d71ff.js
gizmodo.com/x-kinja-static/assets/new-client/
6 KB
2 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~adManager~ads~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~~bcafd0e4.0c5049fe8b3ddc9d71ff.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a34e91b060fc24aea945bf13eb33dfa0da086d81780cb1fc8cad673444682898
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
170486
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2207
x-amz-id-2
Vw0wBoyPeQrW1QZ3Gqfb6GacMRkysFeFUKEj2RNWvywo81jJXAw8YWoJaI0WpWTSrFcm6JjgS7k=
x-served-by
cache-fra19168-FRA, cache-hhn4020-HHN
last-modified
Fri, 26 Mar 2021 13:15:19 GMT
server
AmazonS3
x-timer
S1617205572.691357,VS0,VE0
etag
"4a82132d1af1ea8492565e90ecf3560c"
vary
Accept-Encoding, Authorization
x-amz-request-id
Z4WQVZA7AS7YTHTD
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 551
0.f758c4df3ba69d7f87f5.js
gizmodo.com/x-kinja-static/assets/new-client/
7 KB
3 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/0.f758c4df3ba69d7f87f5.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8603dbf0d77ac5430fc6303781b17dfaf6b888a02087afca291e6db32b54594a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2384522
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2252
x-amz-id-2
pfcfrx48bXmDb4jeYL+ECOEVXJxA3egxt5/9zWPmwmw+jiAWDexbFIrWM2oirsJUlOcDKV8YhAg=
x-served-by
cache-hhn4028-HHN, cache-hhn4020-HHN
last-modified
Tue, 02 Mar 2021 17:53:50 GMT
server
AmazonS3
x-timer
S1617205572.691345,VS0,VE0
etag
"f579a0baee02411c9d964986d4b9a899"
vary
Accept-Encoding, Authorization
x-amz-request-id
WY484A1Q3QGTWS1Q
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 532
vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~eb5316e8.d73f10a5078fd928f1e1.js
gizmodo.com/x-kinja-static/assets/new-client/
5 KB
2 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~eb5316e8.d73f10a5078fd928f1e1.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6308b12748754532642c8d826cd0fe36659d873f570d9e77b465a63d5242f77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2385936
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
1906
x-amz-id-2
APmxsH/zJLyKRdF1LWGY/lr7tRCR27Tg0UD6jiHgu8fgH8XYTpQ389O5wQLLjvc3nKhLhH3BdlQ=
x-served-by
cache-fra19178-FRA, cache-hhn4020-HHN
last-modified
Wed, 03 Mar 2021 19:58:18 GMT
server
AmazonS3
x-timer
S1617205572.691327,VS0,VE0
etag
"3183283183f2752ea647a98936277c8d"
vary
Accept-Encoding, Authorization
x-amz-request-id
DEWQZZM0PYXYWF3Z
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 41
adEditor~adManager~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~errorPage~experiments~fe~99cd4873.033c1a1028c34c90b868.js
gizmodo.com/x-kinja-static/assets/new-client/
55 KB
13 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~adManager~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~errorPage~experiments~fe~99cd4873.033c1a1028c34c90b868.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f3d1d28faad8c311c058bb2ca6468aa1656f3139beac0dc0732bde9062b238e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
170486
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
12489
x-amz-id-2
Pgk0BRRmS8hI3R6g6ufUC/uI8rn9eDrDm1Nj1UQhHueYeQSjJfubAgB7XeTX76LP6jdpKW81GlY=
x-served-by
cache-hhn4067-HHN, cache-hhn4020-HHN
last-modified
Mon, 29 Mar 2021 13:53:29 GMT
server
AmazonS3
x-timer
S1617205572.691322,VS0,VE0
etag
"1b95ce3bd36f2ee5a16665a538ae46d6"
vary
Accept-Encoding, Authorization
x-amz-request-id
BHSNKF433MNKJE2F
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 553
adEditor~adManager~ads~categoryPage~commerceDashboard~errorPage~experiments~featuredPermalinkPage~fr~c8b90ed9.664e8a599bb01e6623e7.js
gizmodo.com/x-kinja-static/assets/new-client/
45 KB
9 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~adManager~ads~categoryPage~commerceDashboard~errorPage~experiments~featuredPermalinkPage~fr~c8b90ed9.664e8a599bb01e6623e7.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
472720b89c02cb15d83445fa6289f45991429e9ff4c448591a2488c6e9210a72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
170486
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
8515
x-amz-id-2
fwr+xhfdHoX7GLiljeyHLbMR7ZhbT8dgDlLNVJDuMeSnQgf3oYPvf6kRPvyIKWQNkbwNqm08oes=
x-served-by
cache-fra19131-FRA, cache-hhn4020-HHN
last-modified
Fri, 26 Mar 2021 13:15:17 GMT
server
AmazonS3
x-timer
S1617205572.691300,VS0,VE0
etag
"563cfc51cc4a2a47e850626521cae860"
vary
Accept-Encoding, Authorization
x-amz-request-id
V6NE98V6NESW707A
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 560
adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~errorPage~experiments~featuredPermalin~727e56c1.8556341c23df5f4a9621.js
gizmodo.com/x-kinja-static/assets/new-client/
15 KB
3 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~errorPage~experiments~featuredPermalin~727e56c1.8556341c23df5f4a9621.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53a91586a25f889d2d7968b637cbbd917ad869585b44a660df3170623f79aa3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1881218
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
2850
x-amz-id-2
78RJnOgVD4PeCAszUj/3vkF2Qff7nUrg6gh75CiX3fHELdds8s6BAD6DhfSFhsPFTjoBIjlrJ/I=
x-served-by
cache-hhn4032-HHN, cache-hhn4020-HHN
last-modified
Tue, 09 Mar 2021 21:08:25 GMT
server
AmazonS3
x-timer
S1617205572.691284,VS0,VE0
etag
"38838dea9e738d8a20e3cda70b6ac8fb"
vary
Accept-Encoding, Authorization
x-amz-request-id
387VCR6FK6APDG7A
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 553
adEditor~adManager~ads~commerceDashboard~errorPage~experiments~featuredPermalinkPage~frontPage~newsl~539ec7ac.d30b2a2e34007b1aaab8.js
gizmodo.com/x-kinja-static/assets/new-client/
10 KB
4 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~adManager~ads~commerceDashboard~errorPage~experiments~featuredPermalinkPage~frontPage~newsl~539ec7ac.d30b2a2e34007b1aaab8.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7254ca66ff08a8004f5e3bf4a1bad9ab17dd454f6a0448b9d7f391e34f5f338c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1196546
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
3283
x-amz-id-2
orBpujmUMsmNK7bx7ismWG22MBguxRWMUirXDLfJGZbx90Y+d8QhOPiDmaI2ebAGRHRPoJvJ+kY=
x-served-by
cache-hhn4070-HHN, cache-hhn4020-HHN
last-modified
Wed, 17 Mar 2021 19:18:48 GMT
server
AmazonS3
x-timer
S1617205572.691277,VS0,VE0
etag
"51c3628b877b6ef73345e8037951ef23"
vary
Accept-Encoding, Authorization
x-amz-request-id
GYND1S875FECQHKE
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 551
adEditor~commerceDashboard~errorPage~newsletterPage~profilePage~resetToken~searchPage~slideshowPerma~2933c930.55d4b0050f29ce9c4a9c.js
gizmodo.com/x-kinja-static/assets/new-client/
26 KB
6 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/adEditor~commerceDashboard~errorPage~newsletterPage~profilePage~resetToken~searchPage~slideshowPerma~2933c930.55d4b0050f29ce9c4a9c.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138181d3f8577867bdf788caaccfadd09fde54d96d61211f1684787b70d59941
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1900610
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
5368
x-amz-id-2
tmoC2RTBUYir1kgecI8/WP17ztBb42vXIwL0zQ28Rl00yo15JqO4kg/aAC2IOVhEel1LTbnzAaw=
x-served-by
cache-fra19144-FRA, cache-hhn4020-HHN
last-modified
Tue, 09 Mar 2021 15:45:18 GMT
server
AmazonS3
x-timer
S1617205572.691249,VS0,VE0
etag
"bbece6935e21adddec0bc8efae19c006"
vary
Accept-Encoding, Authorization
x-amz-request-id
VW8ATVQEV6BRWFJC
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 541
trackers.7806b3b1d8ac7c33089b.js
gizmodo.com/x-kinja-static/assets/new-client/
43 KB
12 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/trackers.7806b3b1d8ac7c33089b.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9739f82807e202bbaeb336c2026cd2db1fb63d8085aa4fbddf77e9fb35e714d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1142562
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
11646
x-amz-id-2
1MqIAfpfngLXExSV0e23o4oEt44iF69o3i2VhPvm/ySD7+sCeo4sM02qkiO9fIqAMr0uPuXhmaA=
x-served-by
cache-hhn4025-HHN, cache-hhn4020-HHN
last-modified
Thu, 18 Mar 2021 10:16:02 GMT
server
AmazonS3
x-timer
S1617205572.691244,VS0,VE0
etag
"d1f59a2f1e73aad83cc4d04edcedd1e8"
vary
Accept-Encoding, Authorization
x-amz-request-id
EX8RWVKH0GW4N5FE
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 532
runtime~errorPage.75f514be39725c979f36.js
x.kinja-static.com/assets/new-client/
5 KB
2 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/runtime~errorPage.75f514be39725c979f36.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c01043bf3184c51e3707b0b5f11336625165df1673165a37877a2eca2ca55d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14
via
1.1 varnish
x-cache
HIT
content-length
1789
x-amz-id-2
3pAjnGegkwbmAjtnBoJjG56JYXNbgE3+X7CJY8VTgFNRBDSEU8mNgsJ3RvAJN4NixPnjpHM78r4=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 31 Mar 2021 11:22:55 GMT
server
AmazonS3
x-timer
S1617205572.776264,VS0,VE1
etag
"29e8021f12fb65b0fff3f41b1dce14f4"
vary
Accept-Encoding
x-amz-request-id
GJ0GJPX1MC1NKA9F
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
vendors~adEditor~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~~9d88826c.c28d821ec75ff64f5bda.js
gizmodo.com/x-kinja-static/assets/new-client/
5 KB
2 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/vendors~adEditor~ads~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~~9d88826c.c28d821ec75ff64f5bda.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31044c9f612f9f8ed4942ddec3986cbfccf88cc5e19c755067c5c6338883a0b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1777955
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
1597
x-amz-id-2
OR1dAleRGslZ0vYXRzo/viFvKCdw2SLZCJDuIwUKyxI6hEsF/uJUK3nC28aKwOfgub/xMww/USo=
x-served-by
cache-fra19131-FRA, cache-hhn4020-HHN
last-modified
Wed, 10 Mar 2021 18:49:22 GMT
server
AmazonS3
x-timer
S1617205572.691252,VS0,VE0
etag
"51b7e62631faabd158b7cf4917847730"
vary
Accept-Encoding, Authorization
x-amz-request-id
7DQ56DWW1X4DHKXQ
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3, 41
vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
x.kinja-static.com/assets/new-client/
115 KB
32 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceed00ec1d96b18e399171b02266248b1773d6ad2919acb3574fd9f5dd073d05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61
via
1.1 varnish
x-cache
HIT
content-length
32929
x-amz-id-2
QwhZSNR3flvxuXF7xhqV/RnaWaAf6fOoSZ7o1TGYgIkITgrG1LYWByR6CLkxB7KlSaveRLV/vSo=
x-served-by
cache-hhn4020-HHN
last-modified
Tue, 02 Mar 2021 17:53:53 GMT
server
AmazonS3
x-timer
S1617205572.776257,VS0,VE0
etag
"68f795d108aa1bf77d4261b390ef17ed"
vary
Accept-Encoding
x-amz-request-id
ZGS3K50RVBVWDZRQ
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~2141a1d9.02bfaee9106b921e2282.js
x.kinja-static.com/assets/new-client/
3 KB
2 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~2141a1d9.02bfaee9106b921e2282.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f67aa5d4a1299123978bdf70cc2c4044d79100af127ac95f45ec15fdbe135c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61
via
1.1 varnish
x-cache
HIT
content-length
1314
x-amz-id-2
7l7oY6BHa18ODiRXn0xVicSQCqwfxEsw3bORB0uCR8LraByU3vJAD4tkUORdIX3OM0CdjNhTkJk=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 31 Mar 2021 12:43:18 GMT
server
AmazonS3
x-timer
S1617205572.776280,VS0,VE0
etag
"889a19809c1e4d810a7818a7e5afe142"
vary
Accept-Encoding
x-amz-request-id
04R11D4GNSDKD1K6
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~cacd8c03.4875161ebc5c3c1bea16.js
x.kinja-static.com/assets/new-client/
125 KB
31 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~cacd8c03.4875161ebc5c3c1bea16.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b604b45126273681759469c68e178305b927d9731d5ff31a60d0f30ab9bc8bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61
via
1.1 varnish
x-cache
HIT
content-length
31981
x-amz-id-2
EnhGWUxkBK1ryVYnBbn3yPf7OJC7g+QverU8kpouKGG/WQM/B1ln0XiaSemYnP49xPLrhEsajM0=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 31 Mar 2021 12:43:18 GMT
server
AmazonS3
x-timer
S1617205572.776240,VS0,VE0
etag
"fb66870718e50e5fe7437b93f915446e"
vary
Accept-Encoding
x-amz-request-id
C29G2XJDW3SVK1HQ
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~browser-logs~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~f~b8e478bf.7f0d2881b80d55880edc.js
x.kinja-static.com/assets/new-client/
18 KB
6 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~browser-logs~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~f~b8e478bf.7f0d2881b80d55880edc.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
944f8bd7f48abaafe10dd04e104ce17db4642db33984f7d8bb14059720828813
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
61
via
1.1 varnish
x-cache
HIT
content-length
5482
x-amz-id-2
d+2SA+BhREcvoLHs5qby6+a1WTj8w/zC+eEWbjZ4QdKzElIeTwEmbs1BmlwbtrqRpG19CqifKHY=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 24 Mar 2021 19:08:24 GMT
server
AmazonS3
x-timer
S1617205572.776310,VS0,VE0
etag
"57215c189ec6a77077ff84483f38b37a"
vary
Accept-Encoding
x-amz-request-id
20591FEYM8VZRMEW
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~213a1dd7.749a893a79dc71be6898.js
x.kinja-static.com/assets/new-client/
19 KB
7 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~213a1dd7.749a893a79dc71be6898.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49405e821bbd2e0303d807d4fdbde2c6bc8077dfe64d04244dc4cf7472873bd4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
50
via
1.1 varnish
x-cache
HIT
content-length
6613
x-amz-id-2
ak4r2SaY9w/ilWS5jADnnnVu+Gn9U2TbLzOzv3ovjJZkbKgwDlwH5MrTiB+phGxIg47iEGGjPLo=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 03 Mar 2021 23:25:32 GMT
server
AmazonS3
x-timer
S1617205572.776231,VS0,VE0
etag
"8dec785f6638050a6736d22f054e663b"
vary
Accept-Encoding
x-amz-request-id
FV0RV6CTHKFCNH8D
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
x.kinja-static.com/assets/new-client/
44 KB
13 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef82a0aa8db074f9efd0ff4df45d5f14c6af4a256cde39bc0d7bd79c9d35fe67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
32
via
1.1 varnish
x-cache
HIT
content-length
13229
x-amz-id-2
lCcLiSgTFzpTMLxOjoPovj/GMRRKaFrrdEoqpdGVhvc0L27UcJtJsyBo0p1ZDq+G6RzZLeBFZD0=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 31 Mar 2021 12:43:19 GMT
server
AmazonS3
x-timer
S1617205572.801891,VS0,VE0
etag
"0ae7e5b73f1e9d1b550e55c9fbdf8706"
vary
Accept-Encoding
x-amz-request-id
DAVAQPM4RQX7TNGW
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
adEditor~alertsUnsubscribePage~commerceDashboard~errorPage~featuredPermalinkPage~frontPage~newslette~20352de8.cafb602cf342e4d4c824.js
x.kinja-static.com/assets/new-client/
209 KB
42 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/adEditor~alertsUnsubscribePage~commerceDashboard~errorPage~featuredPermalinkPage~frontPage~newslette~20352de8.cafb602cf342e4d4c824.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a19f7b24d6ad6387f30078bbe3595d073b62c678898417482d57cf5b7b636c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14
via
1.1 varnish
x-cache
HIT
content-length
42315
x-amz-id-2
VGgCob91yF3fJE8d+0uqU4qgawNmh3I+FlpEGS1EeDhleSag+6nPKmodyz1OtkJxWFj+zeGr+tw=
x-served-by
cache-hhn4020-HHN
last-modified
Thu, 25 Mar 2021 15:44:28 GMT
server
AmazonS3
x-timer
S1617205572.801834,VS0,VE1
etag
"83987c2918aab744fd29ad4d8aca882c"
vary
Accept-Encoding
x-amz-request-id
895K0HCJ25EJD8NK
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
adManager~ads~commerceDashboard~errorPage~profilePage~specialSection~splashPage~staffPage.836d542942eeb50c5ab3.js
gizmodo.com/x-kinja-static/assets/new-client/
12 KB
4 KB
Script
General
Full URL
https://gizmodo.com/x-kinja-static/assets/new-client/adManager~ads~commerceDashboard~errorPage~profilePage~specialSection~splashPage~staffPage.836d542942eeb50c5ab3.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d41cfa854d4236f5d51beae67a4178b5850d158aa25945245ea4c7041d974f15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
170487
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-ua-device
desktop
x-cdn-fetch
mantle-origin-cache
content-length
3313
x-amz-id-2
XXYzm2TKXOP8ToygUJlAFfMkKtrMozGP9/BJkSMotl7ByZxvC80WQEL0jvuX3VnwyhjIoow+S6Q=
x-served-by
cache-hhn4025-HHN, cache-hhn4020-HHN
last-modified
Fri, 26 Mar 2021 13:15:17 GMT
server
AmazonS3
x-timer
S1617205572.691199,VS0,VE0
etag
"9e95a916b5db38b55705902b2c5137dd"
vary
Accept-Encoding, Authorization
x-amz-request-id
358QTQCTQ7SF3TDV
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-http2-push
pushed
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 555
errorPage.02af049440debe4c7965.js
x.kinja-static.com/assets/new-client/
316 KB
54 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/errorPage.02af049440debe4c7965.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80446a9c595e624e7bb157c5066ac71d7c9fbfb6e9d80d80ee0dc85f45418611
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
14
via
1.1 varnish
x-cache
HIT
content-length
55542
x-amz-id-2
2By4e1OAv5jKs2oYsM3Zyg9Hyy2kl0++hejHC1zX9t1nyW02T5fEbdPw2d7qiTFsBYVVXqlPgbs=
x-served-by
cache-hhn4020-HHN
last-modified
Mon, 22 Mar 2021 15:18:48 GMT
server
AmazonS3
x-timer
S1617205572.801806,VS0,VE1
etag
"9afdfb26aa647e7111dc6a8cd4b6f493"
vary
Accept-Encoding
x-amz-request-id
E8W71QAFMSDDQZ9A
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
5464
date
Wed, 31 Mar 2021 14:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 31 Mar 2021 16:15:07 GMT
scroll.js
static.scroll.com/js/
17 KB
7 KB
Script
General
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.7806b3b1d8ac7c33089b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
01522e70e4807e89bf3303d4f2e01fb141b4ce91dba4023d23794e255028ed9e

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
gzip
age
69382
x-guploader-uploadid
ABg5-Uy58XXWjrQsaCAJ63gIK0SA47FY3X80DxgPxSIeOeJ81X2t5frqIRYzWopRa2ItiMeI8q5WWvjVVFxiEASMf54
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
6459
x-served-by
cache-fra19183-FRA
last-modified
Thu, 25 Feb 2021 20:29:37 GMT
server
UploadServer
x-timer
S1617205572.874491,VS0,VE0
etag
"334dd94887922f13e29acca6ed203eb7"
vary
Origin
x-goog-hash
crc32c=kcQgZA==, md5=M03ZSIeSLxPimsym7SA+tw==
x-goog-generation
1614284976930081
via
1.1 varnish
expires
Fri, 26 Feb 2021 20:29:38 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6459
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
9797
apstag.js
c.amazon-adsystem.com/aax2/
119 KB
31 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.7806b3b1d8ac7c33089b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 22:11:28 GMT
content-encoding
gzip
server
Server
age
63283
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id
Aa6TT_gM4o8IPmJHlrM3U4-pvnN98uOHz9KeuIPlHlRaoOJe65vBZA==
chartbeat.js
static.chartbeat.com/js/
36 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.7806b3b1d8ac7c33089b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:0:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ffa272cd7c67be28bb54afb5184deb64931a4f018890876020acbdbdbb0d7ea2

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 18:13:25 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 00:12:18 GMT
server
nginx
age
77566
etag
W/"605bd562-8e8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
xCNurH1sE1hxBY6PpqicyGZVa9Gt1vo64hltrckqvl81w9XD_VHcnQ==
expires
Wed, 31 Mar 2021 18:13:25 GMT
tag
btloader.com/
Redirect Chain
  • https://kinja-com.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=kinja-com&upapi=true
10 KB
5 KB
Script
General
Full URL
https://btloader.com/tag?h=kinja-com&upapi=true
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5473db0e51abf3da61b7537df9dcb6a8758d37438aa247d0aad4bfd51f2b56

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
662
content-encoding
br
cf-request-id
092a8fc9e400004a55dc1b7000000001
server
cloudflare
etag
W/"3aaddb6f472770a516deffa11ea5c602"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sDNot%2BRie%2FS1CYb%2FdpEn8kJ00SE8zLBsaNB6a62M%2B8Ucjp137u2NMPl9WWcTmAzJCfjf1oJpFHiEpMJalGnr8nko7fINqtfMlksDmM3TlS7oksp2wfhtvRc%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
638ab58968934a55-FRA

Redirect headers

date
Wed, 31 Mar 2021 15:46:11 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kXYtLKVRvrMo4mepKGYje2XcnDphVgJ0m%2B1qUDQj8PFCM9LHga3%2FjNcgTV9l%2Btv1sDseMCbQmC3lVb86dYOJlBY2%2F1zPW1%2FsSMnSH9aSKUa0kp21hn7Ma8b3C3rsPqkLDhTCJ8%2BmzRFk"}],"group":"cf-nel"}
location
https://btloader.com/tag?h=kinja-com&upapi=true
cache-control
max-age=3600
cf-ray
638ab5882eed4e68-FRA
cf-request-id
092a8fc91d00004e68d9909000000001
expires
Wed, 31 Mar 2021 16:46:11 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.7806b3b1d8ac7c33089b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 15:46:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 01 Apr 2021 15:46:11 GMT
publisher_kit.js
cdn.britepool.com/
133 KB
43 KB
Script
General
Full URL
https://cdn.britepool.com/publisher_kit.js?api_key=6e9e2b90-3709-4afb-a9f8-3586da6c7fb3
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/x-kinja-static/assets/new-client/trackers.7806b3b1d8ac7c33089b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61ccb8c3252e27a327becaf9318517719a131160e0bc05659b0d2493dc6e9245

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:44:20 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 10:34:46 GMT
server
AmazonS3
age
7312
etag
W/"84e9f71335e9b47a7fe8e0e75dd289da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
max-age=14400, public, immutable
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
RJG-6UGb9D5x942K18E5x7ybEEsTfpALyW0qN-WWu-ZxatsO9mDFRg==
/
insight.adsrvr.org/track/evnt/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.177.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-177-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 15:46:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
publisher:getClientId
ampcid.google.com/v1/
74 B
533 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 15:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gizmodo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/
31 KB
7 KB
XHR
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1195%2C%22requestUUID%22%3A%22e7a60754-aa56-4e4d-93a2-89505a2dbd56%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
/ Express
Resource Hash
69dd52c21e47020c666938f534d2067e03fcaab38e5845c885a0bbe72c6bd959

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
content-encoding
gzip
x-amz-cf-pop
DUS51-C1
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gizmodo.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
2oSiZ8ad7kt_cGYFTzM8lntlNGdMk_ugQckzNRt6AujACd-xQBl16g==
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame
0
0
Preflight
General
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1195%2C%22requestUUID%22%3A%22e7a60754-aa56-4e4d-93a2-89505a2dbd56%22%2C%22propertyHref%22%3A%22https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://gizmodo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
13
date
Wed, 31 Mar 2021 15:46:11 GMT
x-powered-by
Express
access-control-allow-origin
https://gizmodo.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
allow
POST,GET,HEAD
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
SUVpZB3eRL1uBd5eFq7wjQFBwOEcsFdvbBFcI0q4YRgsq9YOooIbhA==
connatix.playspace.dc.js
cds.connatix.com/p/110783/
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/110783/connatix.playspace.dc.js
1 MB
228 KB
Script
General
Full URL
https://cds.connatix.com/p/110783/connatix.playspace.dc.js
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5921d4ee2db54ded2ff10aa4c46b3d30e14e85b2b095d7456d1f1c90874da81f

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
content-encoding
br
last-modified
Wed, 31 Mar 2021 09:31:28 GMT
age
16844
etag
"aa9624afadb8fbaed0124f6039339910"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=31557600
accept-ranges
bytes
content-length
233357

Redirect headers

location
https://cds.connatix.com/p/110783/connatix.playspace.dc.js
date
Wed, 31 Mar 2021 15:46:11 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
setbucket
deadspin.com/ Frame A029
0
136 B
Document
General
Full URL
https://deadspin.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
deadspin.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=deadspin.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.029913,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
gizmodo.com/ Frame 2A30
0
220 B
Document
General
Full URL
https://gizmodo.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
gizmodo.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
geocc=DE; KinjaBucket=2; KinjaSetBucket=2|1617205500|47xqw7l8oIucEHMxlx/46g/hiPvFM4mhXU0bFGSjCUo=; AMP_TOKEN=%24RETRIEVING; _dd_r=0

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=gizmodo.com;SameSite=None;Secure;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.021091,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
jalopnik.com/ Frame 8EE8
0
137 B
Document
General
Full URL
https://jalopnik.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
jalopnik.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=jalopnik.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.022226,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
jezebel.com/ Frame E664
0
136 B
Document
General
Full URL
https://jezebel.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
jezebel.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=jezebel.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.022285,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
kotaku.com/ Frame 12D8
0
135 B
Document
General
Full URL
https://kotaku.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
kotaku.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=kotaku.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.032752,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
lifehacker.com/ Frame 392D
0
138 B
Document
General
Full URL
https://lifehacker.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
lifehacker.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=lifehacker.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.024315,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
theroot.com/ Frame 000E
0
135 B
Document
General
Full URL
https://theroot.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
theroot.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=theroot.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.033645,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
avclub.com/ Frame 016F
0
135 B
Document
General
Full URL
https://avclub.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
avclub.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=avclub.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.034020,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
theinventory.com/ Frame 33E3
0
77 B
Document
General
Full URL
https://theinventory.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
theinventory.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=theinventory.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.042262,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
theonion.com/ Frame 41D4
0
136 B
Document
General
Full URL
https://theonion.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
theonion.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=theonion.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.033992,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
thetakeout.com/ Frame 4E9C
0
138 B
Document
General
Full URL
https://thetakeout.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
thetakeout.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=thetakeout.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.042528,VS0,VE0
x-ua-device
desktop
content-length
0
setbucket
kinjadeals.theinventory.com/ Frame 3293
0
154 B
Document
General
Full URL
https://kinjadeals.theinventory.com/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~alertsUnsubscribePage~categoryPage~commerceDashboard~curatedHomepage~errorPage~expe~e3bd37d8.8e4dd68e02e2e272c884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
kinjadeals.theinventory.com
:scheme
https
:path
/setbucket?signature=2%7C1617205500%7C47xqw7l8oIucEHMxlx%2F46g%2FhiPvFM4mhXU0bFGSjCUo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Varnish
retry-after
0
content-type
text/html; charset=utf-8
x-robots-tag
noindex
set-cookie
KinjaBucket=2;path=/;Max-Age=31536000;domain=theinventory.com;SameSite=None;Secure; geocc=DE;path=/;
accept-ranges
bytes
date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 varnish
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617205572.042233,VS0,VE0
x-ua-device
desktop
content-length
0
hydrateAnimatedBlogLogo.d0165370bc24e7873a25.js
x.kinja-static.com/assets/new-client/
908 B
814 B
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/hydrateAnimatedBlogLogo.d0165370bc24e7873a25.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~errorPage.75f514be39725c979f36.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2201b7f8ada14e0f53e74c69e7ffb2664b422b292d2a6082ed37ddd50b2171cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
HIT
content-length
431
x-amz-id-2
T1KsY7aIltlotNKndMr4Xynrf8J+y6hoxZjpXJ2MnKuqh7qic6VyyWsjpWAo1ZxAhrd8cTEcEzY=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 10 Mar 2021 18:49:21 GMT
server
AmazonS3
x-timer
S1617205572.031908,VS0,VE197
etag
"a5dcc51ecb5e263801025346a8b7b361"
vary
Accept-Encoding
x-amz-request-id
T05PNZPXEKN06C71
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
44213
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Wed, 31 Mar 2021 03:29:32 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
IKB7K1tUqQZ2WOcqzbuKq709tDK2QyaygatrHd7UdHuJDln_3l_97A==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6770184&ns__t=1617205572038&ns_c=UTF-8&cv=3.5&c8=Kinja&c7=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1617205572038&ns_c=UTF-8&cv=3.5&c8=Kinja&c7=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1617205572038&ns_c=UTF-8&cv=3.5&c8=Kinja&c7=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop&c9=&cs_ak_ss=1
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 15:46:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&ns__t=1617205572038&ns_c=UTF-8&cv=3.5&c8=Kinja&c7=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 31 Mar 2021 15:46:12 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
462 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gizmodo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
any
idx.liadm.com/idex/ie/
0
404 B
XHR
General
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.134.165 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-134-165.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://gizmodo.com
Date
Wed, 31 Mar 2021 15:46:12 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
identity
api.rlcdn.com/api/
0
244 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPD5Y-KPD5Y-KAGABCENBTCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA&ct=4
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://gizmodo.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
clear
rid
match.adsrvr.org/track/
63 B
387 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=1&gdpr_consent=CPD5Y-KPD5Y-KAGABCENBTCgAAAAAE_AAAYgAAALzgFgBfADaAI4AgABAwCDgEWALqAk4BaAC8wBxkAEARwiACAQAJABAIAGgAgEAFQAQBHEIAIAjiUAEANo.YAAAAAAAAAAA
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.101.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-101-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8c0505717621d3756be81894c2c05b66e0606c3093d89355b15558cb6893fe88

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gizmodo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 30 Apr 2021 15:46:12 GMT
check
connect.scroll.com/embed/
0
203 B
XHR
General
Full URL
https://connect.scroll.com/embed/check
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.100.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors https: http:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gizmodo.com
access-control-allow-credentials
true
content-security-policy
frame-ancestors https: http:;
alt-svc
clear
content-length
0
collect
www.google-analytics.com/j/
4 B
65 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=86219695&t=pageview&_s=1&dl=https%3A%2F%2Fgizmodo.com%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%2526utm_source%3Dgizmodo_email%26utm_campaign%3Dtop&ul=en-us&de=UTF-8&dt=Kinja&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAQCAC~&jid=1632012429&gjid=1207134023&cid=2047677765.1617205572&tid=UA-142218-33&_gid=681861339.1617205572&_r=1&_slc=1&cd38=computer&cd39=none&cd40=-2&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=error&cd94=none&cd97=none&cd99=none&cd101=none&cd103=&cd105=unknown&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=error&cd37=2&z=143220401
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 15:46:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gizmodo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
cdn.privacy-mgmt.com/ Frame A467
4 KB
2 KB
Document
General
Full URL
https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71b76d51d2da6bd16bba3c1ae1d61a6f24c72a21d5786e11c2c636ee1f4c908a

Request headers

:method
GET
:authority
cdn.privacy-mgmt.com
:scheme
https
:path
/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gizmodo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
content-encoding
gzip
date
Wed, 31 Mar 2021 15:32:19 GMT
etag
W/"f895edfe84fb752b0b1fea2c750ad685"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
EP0E-XCzHmDV8FQeRh9EwBjP73Fheid4ZF7JxnTkKShPY9P4rqTK8Q==
age
834
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=gizmodo.com&p=%2Fdangerous-android-app-pretends-to-be-a-system-update-to-1846574044%253Futm_medium%3Dsharefromsite%26utm_source%3Dgizmodo_email%26utm_campaign%3Dtop&u=DS7wSCJxGE0IY7SE&d=gizmodo.com&g=3012&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1603&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=673&t=BMolfhB8hNmdBzLe7QDPY4kZ7o1jg&V=125&i=Kinja&tz=-120&sn=1&sv=BRXzimDtSPyS0EIPrzSyvJDFkWmw&sd=1&im=062b2f33&_
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.60.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-60-203.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 15:46:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-142218-33&cid=2047677765.1617205572&jid=1632012429&gjid=1207134023&_gid=681861339.1617205572&_u=YGBACEAABAQCAC~&z=326714475
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/vendors~adEditor~categoryPage~commerceDashboard~curatedHomepage~errorPage~experiments~featuredPermal~2eb9d6a9.48dd327fde0ec808b2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Mar 2021 15:46:12 GMT
content-type
text/plain
access-control-allow-origin
https://gizmodo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Notice.37f30.css
cdn.privacy-mgmt.com/ Frame A467
29 KB
5 KB
Stylesheet
General
Full URL
https://cdn.privacy-mgmt.com/Notice.37f30.css
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f34567304f288693cf33a0b0ff04fa42ed930db606948b4d5e6a9c715865affa

Request headers

Referer
https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:45:42 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
31
etag
W/"227670f327655cdc0f6317b8d0f58d27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
wP_AW8mGMRD9xAw138lxCEyfPThiFOYk6fjbrjjzxPrlQ50lQlHeNg==
polyfills.65071.js
cdn.privacy-mgmt.com/ Frame A467
5 KB
2 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/polyfills.65071.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Referer
https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:29:22 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
1010
etag
W/"89661b8fd918815bcb224bba79cabab1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
tjaeG3GXd8tY4GC38Qs1OaOmxZg3PHQQVZIj0ddBavp5JkXkcBdWNA==
Notice.2f2bf.js
cdn.privacy-mgmt.com/ Frame A467
170 KB
42 KB
Script
General
Full URL
https://cdn.privacy-mgmt.com/Notice.2f2bf.js
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-39.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cff6d399aa3793e3ebf9dc4fb7c21d2a846642f2490d6be9effaff766d4ff5ce

Request headers

Referer
https://cdn.privacy-mgmt.com/index.html?message_id=388523&consentUUID=f668778c-4098-416f-ab37-5b8cf02ddcb7&requestUUID=e7a60754-aa56-4e4d-93a2-89505a2dbd56&preload_message=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:42:40 GMT
content-encoding
gzip
last-modified
Tue, 16 Mar 2021 18:45:34 GMT
server
AmazonS3
age
213
etag
W/"c85163727e52a58ce3e4990198570614"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
FdxMVGLdnzMvMTcnFFoFgL2n5heFlNGQo_U5T_o1jIr3IQoER6tZNg==
ga-audiences
www.google.com/ads/
42 B
505 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-142218-33&cid=2047677765.1617205572&jid=1632012429&_u=YGBACEAABAQCAC~&z=1539367966
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 15:46:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
505 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-142218-33&cid=2047677765.1617205572&jid=1632012429&_u=YGBACEAABAQCAC~&z=1539367966
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 15:46:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendors~animatedBlogLogo.3bdcbc2f9d85a0cdddf7.js
x.kinja-static.com/assets/new-client/
8 KB
3 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendors~animatedBlogLogo.3bdcbc2f9d85a0cdddf7.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~errorPage.75f514be39725c979f36.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2df2f72c664da70327bffd2588fb2d4070fd5c87a35da4fa695e50998df97d1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
HIT
content-length
2851
x-amz-id-2
/5Iwbe5SymjuHSFTJ6XE4dJGc/k1xB/zW/H6vzgumdACav+9p1y+BlkcEeKV7lSR1xOcteWX73Q=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 10 Mar 2021 18:49:22 GMT
server
AmazonS3
x-timer
S1617205572.308288,VS0,VE201
etag
"857dbf48b0204ecacd2ffa1c24b21987"
vary
Accept-Encoding
x-amz-request-id
0EZ3GK8AVQZCJPP3
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
animatedBlogLogo.1a4b5d3d330b3cf7c99e.js
x.kinja-static.com/assets/new-client/
72 KB
17 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/animatedBlogLogo.1a4b5d3d330b3cf7c99e.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/runtime~errorPage.75f514be39725c979f36.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f836ea4555f58c5fb16dbb104ce6ffb24c4511cee1a8d5b341e5a03fcebe6999
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gizmodo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
HIT
content-length
16826
x-amz-id-2
ByvKBjre5Iw3/+p0/VmInBgNadVfM5t0uXs1PEe0GWv2LqnD43wjo08lGJZJjAb0dzlXX56ny54=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 24 Mar 2021 19:08:22 GMT
server
AmazonS3
x-timer
S1617205572.308825,VS0,VE202
etag
"6833da6f5c4ce05a66da2355267b3a4a"
vary
Accept-Encoding
x-amz-request-id
NE6DR0YBF5FJF8RB
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
logo-gizmodo-600x85-300x43.png
g-omedia.com/wp-content/uploads/2016/11/ Frame A467
4 KB
5 KB
Image
General
Full URL
https://g-omedia.com/wp-content/uploads/2016/11/logo-gizmodo-600x85-300x43.png
Requested by
Host: gizmodo.com
URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.142.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-142-21.compute-1.amazonaws.com
Software
Apache/2.4.39 (Unix) OpenSSL/1.1.0j /
Resource Hash
7712b0b9683b6bdbff4e275ef9af9b7499737f3e5d0238040fd46d8f7da05c45

Request headers

Referer
https://cdn.privacy-mgmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 15:46:12 GMT
last-modified
Mon, 25 Nov 2019 23:54:55 GMT
server
Apache/2.4.39 (Unix) OpenSSL/1.1.0j
accept-ranges
bytes
etag
"1199-598347d870b61"
content-length
4505
content-type
image/png

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| headertag string| GoogleAnalyticsObject function| ga function| __tcfapi function| showPrivacyManager object| _sp_ function| _fasttoken object| _user object| blockthrough function| cnxps function| getUserStatus object| pbjs object| kinja object| webpackJsonp object| Modernizr function| filterCSS function| filterXSS object| Scroll object| apstag object| _sf_async_config number| _sf_endpt string| ENTRY_POPUP object| _comscore object| google_tag_data object| gaplugins object| DD_RUM function| Waypoint boolean| apstagLOADED function| udm_ object| ns_p object| COMSCORE boolean| gdprApplies object| gaGlobal object| gaData object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| regeneratorRuntime function| setImmediate function| clearImmediate object| britepool object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked

29 Cookies

Domain/Path Name / Value
.theonion.com/ Name: KinjaBucket
Value: 2
.theroot.com/ Name: KinjaBucket
Value: 2
.lifehacker.com/ Name: KinjaBucket
Value: 2
.gizmodo.com/ Name: _gat
Value: 1
.jalopnik.com/ Name: KinjaBucket
Value: 2
.gizmodo.com/ Name: _ga
Value: GA1.2.2047677765.1617205572
.gizmodo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
gizmodo.com/ Name: _sp_v1_data
Value: 2:257192:1617205571:0:1:0:1:0:0:_:-1
.deadspin.com/ Name: KinjaBucket
Value: 2
gizmodo.com/ Name: _cb_svref
Value: null
gizmodo.com/ Name: _chartbeat2
Value: .1617205572165.1617205572165.1.BRXzimDtSPyS0EIPrzSyvJDFkWmw.1
gizmodo.com/ Name: _cb_ls
Value: 1
.thetakeout.com/ Name: KinjaBucket
Value: 2
gizmodo.com/ Name: _sp_v1_consent
Value: 1!0:-1:-1:-1:-1:-1
gizmodo.com/ Name: _sp_v1_uid
Value: 1:814:bb4383cc-602f-4301-96c7-3de156649af5
.gizmodo.com/ Name: consentUUID
Value: f668778c-4098-416f-ab37-5b8cf02ddcb7
gizmodo.com/ Name: _sp_v1_lt
Value: 1:
.gizmodo.com/ Name: KinjaBucket
Value: 2
.kotaku.com/ Name: KinjaBucket
Value: 2
gizmodo.com/ Name: _sp_v1_ss
Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D
.avclub.com/ Name: KinjaBucket
Value: 2
gizmodo.com/ Name: _cb
Value: DS7wSCJxGE0IY7SE
gizmodo.com/ Name: _dd_r
Value: 0
gizmodo.com/ Name: _sp_v1_csv
Value: null
gizmodo.com/ Name: geocc
Value: DE
.jezebel.com/ Name: KinjaBucket
Value: 2
.gizmodo.com/ Name: _gid
Value: GA1.2.681861339.1617205572
.theinventory.com/ Name: KinjaBucket
Value: 2
gizmodo.com/ Name: _sp_v1_opt
Value: 1:

4 Console Messages

Source Level URL
Text
console-api log URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top(Line 39)
Message:
tcData gdprApplies true
console-api log URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top(Line 42)
Message:
tcData publisherCC DE
console-api log URL: https://gizmodo.com/dangerous-android-app-pretends-to-be-a-system-update-to-1846574044%3Futm_medium=sharefromsite%26utm_source=gizmodo_email&utm_campaign=top(Line 46)
Message:
tcData removed listener 0
console-api log URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
