www.androidpolice.com Open in urlscan Pro
44.196.161.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://flip.it/oJJak3
Effective URL:
https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Submission: On March 17 via manual (March 17th 2022, 8:47:51 am UTC) from FR — Scanned from IT

Summary HTTP 183 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 67 IPs in 10 countries across 53 domains to perform 183 HTTP transactions. The main IP is 44.196.161.176, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.androidpolice.com. The Cisco Umbrella rank of the primary domain is 140152.
TLS certificate: Issued by R3 on February 4th 2022. Valid for: 3 months.

This is the only time www.androidpolice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.222.214.60 52.222.214.60	16509 (AMAZON-02) (AMAZON-02)
13	44.196.161.176 44.196.161.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:4485	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:ba39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.139.100 18.66.139.100	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
19	2600:9000:225... 2600:9000:2251:e400:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
4	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	18.64.115.87 18.64.115.87	16509 (AMAZON-02) (AMAZON-02)
6	35.186.249.84 35.186.249.84	15169 (GOOGLE) (GOOGLE)
2	35.84.228.30 35.84.228.30	16509 (AMAZON-02) (AMAZON-02)
5	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
1	52.25.88.123 52.25.88.123	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:27::... 2620:1ec:27::cafe:2250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	2600:9000:223... 2600:9000:223f:9a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
9	63.250.56.79 63.250.56.79	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
2	18.197.240.17 18.197.240.17	16509 (AMAZON-02) (AMAZON-02)
1 1	23.88.75.188 23.88.75.188	24940 (HETZNER-AS) (HETZNER-AS)
3 3	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.65.41.107 3.65.41.107	16509 (AMAZON-02) (AMAZON-02)
1	3.122.136.79 3.122.136.79	16509 (AMAZON-02) (AMAZON-02)
1	3.122.66.224 3.122.66.224	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.186.216.34 54.186.216.34	16509 (AMAZON-02) (AMAZON-02)
1	44.237.120.80 44.237.120.80	16509 (AMAZON-02) (AMAZON-02)
1 7	44.240.184.96 44.240.184.96	16509 (AMAZON-02) (AMAZON-02)
3 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 2	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
8	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
3	2600:9000:223... 2600:9000:223f:3200:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 13	35.157.167.171 35.157.167.171	16509 (AMAZON-02) (AMAZON-02)
1 1	62.209.227.211 62.209.227.211	13036 (TMOBILE-) (TMOBILE-)
1	2606:4700:303... 2606:4700:3034::6815:4466	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.164.131.148 35.164.131.148	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6812:c039	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	18.193.50.241 18.193.50.241	16509 (AMAZON-02) (AMAZON-02)
2 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	37.252.173.213 37.252.173.213	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	72.251.244.140 72.251.244.140	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
1 1	64.74.236.223 64.74.236.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6	54.90.140.145 54.90.140.145	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	34.232.242.140 34.232.242.140	14618 (AMAZON-AES) (AMAZON-AES)
183	67

1 52.222.214.60 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-60.fra56.r.cloudfront.net

flip.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 44.196.161.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-161-176.compute-1.amazonaws.com

www.androidpolice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4485 (United States)

ASN13335 (CLOUDFLARENET, US)

static1.anpoimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba39 (United States)

ASN13335 (CLOUDFLARENET, US)

f.convertkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-100.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2251:e400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

androidpolice.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.115.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-87.txl50.r.cloudfront.net

static.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.249.186.35.bc.googleusercontent.com

scarfsmash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.84.228.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-228-30.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.88.123 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-88-123.us-west-2.compute.amazonaws.com

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2250 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:9a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.250.56.79 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.240.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-240-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.188 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.241 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.41.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-41-107.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.136.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.66.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-224.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.216.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-216-34.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.120.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-120-80.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.240.184.96 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-184-96.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.89 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:3200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.157.167.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.211 (Prague, Czech Republic) 1 redirects

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid2.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.131.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-131-148.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c039 (United States)

ASN13335 (CLOUDFLARENET, US)

app.convertkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.50.241 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-50-241.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.213 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.176.128 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.223 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.90.140.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-140-145.compute-1.amazonaws.com

api.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.232.242.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-242-140.compute-1.amazonaws.com

events.release.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	primis.tech live.primis.tech — Cisco Umbrella Rank: 2934 video.primis.tech — Cisco Umbrella Rank: 5944	3 MB
16	adscale.de 1 redirects js.adscale.de — Cisco Umbrella Rank: 6659 ih.adscale.de — Cisco Umbrella Rank: 4504	16 KB
13	androidpolice.com www.androidpolice.com — Cisco Umbrella Rank: 140152	338 KB
12	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	129 KB
12	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 4610 seg.ad.gt — Cisco Umbrella Rank: 10390 p.ad.gt — Cisco Umbrella Rank: 5220 ids.ad.gt — Cisco Umbrella Rank: 4157 pixels.ad.gt — Cisco Umbrella Rank: 5088	18 KB
11	narrativ.com static.narrativ.com — Cisco Umbrella Rank: 8226 api.narrativ.com — Cisco Umbrella Rank: 28888 events.release.narrativ.com — Cisco Umbrella Rank: 8122	43 KB
9	adtarget.com.tr s.console.adtarget.com.tr — Cisco Umbrella Rank: 5388 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5722	4 KB
9	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 419 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417 image2.pubmatic.com — Cisco Umbrella Rank: 774 image6.pubmatic.com — Cisco Umbrella Rank: 571	18 KB
8	3lift.com 4 redirects eb2.3lift.com — Cisco Umbrella Rank: 346 tlx.3lift.com — Cisco Umbrella Rank: 512	4 KB
7	yahoo.com 3 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1493 ups.analytics.yahoo.com — Cisco Umbrella Rank: 268 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 916 l.clarity.ms — Cisco Umbrella Rank: 1876 c.clarity.ms — Cisco Umbrella Rank: 547	25 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 275 s.amazon-adsystem.com — Cisco Umbrella Rank: 260	80 KB
6	scarfsmash.com scarfsmash.com — Cisco Umbrella Rank: 133803	218 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	22 KB
5	advertising.com 3 redirects ads.adaptv.advertising.com — Cisco Umbrella Rank: 1091 pixel.advertising.com — Cisco Umbrella Rank: 307	1 KB
5	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 953 eus.rubiconproject.com — Cisco Umbrella Rank: 503 token.rubiconproject.com — Cisco Umbrella Rank: 595	11 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	2 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 359 adscale-emea.adnxs.com — Cisco Umbrella Rank: 15944	4 KB
4	disqus.com androidpolice.disqus.com — Cisco Umbrella Rank: 250263	6 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1775 track.adform.net — Cisco Umbrella Rank: 3334	1 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476 ssum.casalemedia.com — Cisco Umbrella Rank: 1229	3 KB
3	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 480 search.spotxchange.com — Cisco Umbrella Rank: 387	2 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1314	83 KB
3	convertkit.com f.convertkit.com — Cisco Umbrella Rank: 15221 app.convertkit.com — Cisco Umbrella Rank: 16023	14 KB
2	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 193	893 B
2	m6r.eu 2 redirects tracking.m6r.eu — Cisco Umbrella Rank: 11276	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 490	670 B
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 614	721 B
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1358	419 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	1 KB
2	gstatic.com fonts.gstatic.com	45 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 257	440 B
2	openx.net u.openx.net — Cisco Umbrella Rank: 621	380 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google.it ampcid.google.it — Cisco Umbrella Rank: 312555 www.google.it — Cisco Umbrella Rank: 19614	966 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 821	2 KB
2	google.com ampcid.google.com — Cisco Umbrella Rank: 1737 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	121 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	160 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 528	301 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 434	705 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 617	556 B
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 87574	1 KB
1	ibillboard.com 1 redirects bbnaut.ibillboard.com — Cisco Umbrella Rank: 16459	550 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 562	240 B
1	aufp.io aufp.io — Cisco Umbrella Rank: 5789	6 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 908	243 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 500	482 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490	11 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	17 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	28 KB
1	anpoimages.com static1.anpoimages.com — Cisco Umbrella Rank: 194535	499 KB
1	flip.it 1 redirects flip.it — Cisco Umbrella Rank: 217727	381 B
183	53

	Domain	Requested by
19	live.primis.tech	www.androidpolice.com live.primis.tech tagan.adlightning.com
13	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
13	www.androidpolice.com	www.androidpolice.com
9	video.primis.tech	www.androidpolice.com live.primis.tech
8	sync.console.adtarget.com.tr	s.console.adtarget.com.tr js.adscale.de
8	cm.g.doubleclick.net	4 redirects www.androidpolice.com eb2.3lift.com
7	ids.ad.gt	1 redirects www.androidpolice.com
7	eb2.3lift.com	4 redirects live.primis.tech eb2.3lift.com
6	api.narrativ.com	static.narrativ.com
6	scarfsmash.com	www.androidpolice.com scarfsmash.com
6	www.google-analytics.com	www.androidpolice.com www.googletagmanager.com www.google-analytics.com
5	c.amazon-adsystem.com	www.androidpolice.com c.amazon-adsystem.com live.primis.tech
4	events.release.narrativ.com	tagan.adlightning.com static.narrativ.com
4	ups.analytics.yahoo.com	2 redirects www.androidpolice.com
4	pixel.advertising.com	3 redirects www.androidpolice.com
4	match.adsrvr.org	3 redirects eb2.3lift.com
4	l.clarity.ms	www.clarity.ms l.clarity.ms
4	androidpolice.disqus.com	www.androidpolice.com tagan.adlightning.com
3	image6.pubmatic.com	ads.pubmatic.com
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	secure.adnxs.com	3 redirects
3	ads.pubmatic.com	tagan.adlightning.com s.console.adtarget.com.tr live.primis.tech
3	tagan.adlightning.com	www.androidpolice.com tagan.adlightning.com
2	c.clarity.ms	1 redirects
2	s.amazon-adsystem.com	1 redirects eb2.3lift.com
2	c.bing.com	1 redirects eb2.3lift.com
2	tracking.m6r.eu	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	live.primis.tech eus.rubiconproject.com
2	app.convertkit.com	f.convertkit.com
2	track.adform.net	2 redirects
2	creativecdn.com	2 redirects
2	sync.smartadserver.com	1 redirects www.androidpolice.com
2	sync.mathtag.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	c2shb.pubgw.yahoo.com	live.primis.tech
2	ssum-sec.casalemedia.com	2 redirects
2	x.bidswitch.net	www.androidpolice.com eb2.3lift.com
2	u.openx.net	tagan.adlightning.com www.androidpolice.com
2	sync.search.spotxchange.com	2 redirects
2	fonts.googleapis.com	tagan.adlightning.com
2	unpkg.com	1 redirects www.androidpolice.com
2	securepubads.g.doubleclick.net	tagan.adlightning.com www.googletagservices.com
2	a.ad.gt	www.androidpolice.com p.ad.gt
2	www.googletagmanager.com	www.androidpolice.com www.googletagmanager.com
2	pagead2.googlesyndication.com	www.androidpolice.com pagead2.googlesyndication.com
1	b1sync.zemanta.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	adscale-emea.adnxs.com	1 redirects
1	dis.criteo.com	1 redirects
1	ssum.casalemedia.com	1 redirects
1	pixels.ad.gt	tagan.adlightning.com
1	images.getadmiral.com	www.androidpolice.com
1	bbnaut.ibillboard.com	1 redirects
1	www.google.it	www.androidpolice.com
1	www.google.com	www.androidpolice.com
1	cm.adform.net	s.console.adtarget.com.tr
1	stats.g.doubleclick.net	www.google-analytics.com
1	trc.taboola.com	www.androidpolice.com
1	aufp.io	a.ad.gt
1	p.ad.gt	a.ad.gt
1	search.spotxchange.com	live.primis.tech
1	prebid-server.rubiconproject.com	live.primis.tech
1	ads.adaptv.advertising.com	live.primis.tech
1	tlx.3lift.com	live.primis.tech
1	hbopenbid.pubmatic.com	live.primis.tech
1	pixel.rubiconproject.com	www.androidpolice.com
1	csync.loopme.me	1 redirects
1	s.console.adtarget.com.tr	tagan.adlightning.com
1	static.adsafeprotected.com	www.androidpolice.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	ampcid.google.it	www.google-analytics.com
1	www.clarity.ms	www.androidpolice.com
1	googleads.g.doubleclick.net	tagan.adlightning.com
1	ampcid.google.com	www.google-analytics.com
1	seg.ad.gt	www.androidpolice.com
1	www.googletagservices.com	www.androidpolice.com
1	static.narrativ.com	www.androidpolice.com
1	f.convertkit.com	www.androidpolice.com
1	static1.anpoimages.com	www.androidpolice.com
1	flip.it	1 redirects
183	85

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
twitter.com
news.google.com
feedly.com
www.pushbullet.com
www.vice.com
okeymonitor.com
lucky225.medium.com
www.amazon.com
getadmiral.com

Subject Issuer	Validity	Valid
androidpolice.com R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
*.anpoimages.com E1	`2022-02-04` - `2022-05-05`	3 months	crt.sh
convertkit.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.primis.tech Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
static.narrativ.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
scarfsmash.com R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.it GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-01-28` - `2022-04-28`	3 months	crt.sh
primis.tech Go Daddy Secure Certificate Authority - G2	`2021-10-29` - `2022-06-18`	8 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
aufp.io Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
sync.console.adtarget.com.tr R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2021-05-13` - `2022-05-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2022-09-01`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
api.planethowl.com Amazon	`2022-03-03` - `2023-04-01`	a year	crt.sh
*.release.narrativ.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Frame ID: 0818A768C10C7473EA1C1C398303E615
Requests: 100 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 7A0FC1ADC3ACB28DE876A6DADF25709A
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220315/r20190131/zrt_lookup.html
Frame ID: EECE485F441F2FE3DAD132424E66D581
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: B00D7C879BAF2773C09A39698A24A703
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=94&advUuid=eab83c48-a5ce-11ec-aa3c-16a7f9820506
Frame ID: D3BC9362F5CC7DEC2A19EDEDFF7A2346
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 5E8FC3313713415C82A09C37E04D1BFD
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 89B88E47A9F93EDCCDDA38135D0449DE
Requests: 3 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=vQrFb6kifgIaNePxw0WC&pi=admatic&tc=1
Frame ID: 9CF23910416AFF150DBAD071BD4E1AE5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: D4F42363CE8C139FA68B81EB2437AD0B
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: BFAA8725006684D4613DB72116008001
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: 205DD41E9C26D5FBEDD856B5B8C5DDC3
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 41BB151D790A036B9C657B9B938F4E07
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 30B6FB55130227D21ADC59235DC20A58
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 216AE0FE5D299F7547A0879450567CDE
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: 3BF04BC321773DE07533C33074685671
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 8F48911EA60DBC6197DCCC9BC11C670D
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 5C241634806BC38705CC5AB279CC61C0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 43A029795E7D75965CAFCD1512920731
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&
Frame ID: F2E8256C6CAC25F29D577EC36C69AF0A
Requests: 11 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: EC2B6379E3392D96B240F3385C2FD13B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US carriers close security loophole that allowed easy SMS hijackuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

https://flip.it/oJJak3 HTTP 302
https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

183
Requests

83 %
HTTPS

31 %
IPv6

53
Domains

85
Subdomains

67
IPs

10
Countries

4901 kB
Transfer

8400 kB
Size

82
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/AndroidPolice

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AndroidPolice

Search URL Search Domain Scan URL

URL: https://twitter.com/AndroidPolice

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBggKMLuYFDDSzAI

Search URL Search Domain Scan URL

URL: https://feedly.com/i/subscription/feed%2Fhttps://www.androidpolice.com/feed

Search URL Search Domain Scan URL

URL: https://www.pushbullet.com/channel-popup?tag=androidpolicefeed

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F%2F&src=sdkpreparse
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=US%20carriers%20close%20security%20loophole%20that%20allowed%20easy%20SMS%20hijack&url=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.vice.com/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber
Title: Vice columnist Joseph Cox

Search URL Search Domain Scan URL

URL: https://okeymonitor.com/
Title: Okey Systems

Search URL Search Domain Scan URL

URL: https://lucky225.medium.com/its-time-to-stop-using-sms-for-anything-203c41361c80
Title: published their own article on Medium

Search URL Search Domain Scan URL

URL: https://www.vice.com/en/article/5dp7ad/tmobile-verizon-att-sms-hijack-change
Title: a report from Vice

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B018TO37DK
Title: available on Amazon

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.androidpolice.com&utm_medium=pb&session=5-484a1ccb3f24696a76c35ba9cf7bb057-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://flip.it/oJJak3 HTTP 302
https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 58

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=eab83c7f-a5ce-11ec-aa3c-16a7f9820506 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=94&advUuid=eab83c48-a5ce-11ec-aa3c-16a7f9820506

Request Chain 65

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=93&advUuid=ee4ce7eb-c320-45df-a6f8-e7205ffe92c5

Request Chain 66

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=99&advUuid=YjL1sjgwjUjBtcCXOQsMrgAAAqwAAAAB

Request Chain 67

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3362274640445804373143&advId=121&advUuid=3362274640445804373143

Request Chain 69

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D6232f5b15244b%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=105&advUuid=8326691223526624621

Request Chain 85

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001647506866-CLJE11L9-46GH&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001647506866-CLJE11L9-46GH&adnxs_id=8326691223526624621

Request Chain 86

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&id=AU1D-0100-001647506866-CLJE11L9-46GH

Request Chain 87

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=E1BA56A0-91C0-4960-B860-893E471C5FA3&id=AU1D-0100-001647506866-CLJE11L9-46GH

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001647506866-CLJE11L9-46GH&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&google_gid=CAESELD7zbP07vuLFbVBPauFBhA&google_cver=1&google_ula=450542624,0

Request Chain 89

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0NzUwNjg2Ni1DTEpFMTFMOS00NkdI

Request Chain 90

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001647506866-CLJE11L9-46GH HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=b4b96232-f5b2-4600-a7da-972debc94c87&id=AU1D-0100-001647506866-CLJE11L9-46GH

Request Chain 92

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001647506866-CLJE11L9-46GH%26sas_uid%3D%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&sas_uid=[sas_uid]&cklb=1

Request Chain 95

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=vQrFb6kifgIaNePxw0WC&pi=admatic&tc=1

Request Chain 109

https://ih.adscale.de/uu?cbfn=receive&t=1647506866 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1647506866&nut&uu=e0652a3543db4eb3a9dc53d918e422ef

Request Chain 117

https://bbnaut.ibillboard.com/match/AdScale?partneruid=e0652a3543db4eb3a9dc53d918e422ef&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=101&tpuid=BBID-01-03222208667253852-16552440

Request Chain 126

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0782f34f6af69764b16e9f9b5326735b1b486c59ff727eb1f2d7af93f68c76d3&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YjL1sjgwjUjBtcCXOQsMrgAA%26684

Request Chain 130

https://track.adform.net/serving/cookie/match/?party=9&uid=ccce431a9b28b02f2db0ff5d45493d442a397c05ea60ca765f2a31625c68f8b8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=ccce431a9b28b02f2db0ff5d45493d442a397c05ea60ca765f2a31625c68f8b8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=42&gdpr=0&tpuid=1642686369460561511

Request Chain 131

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=0a39b944b96d3e27b7d8f2102fb5e1968a45b04873fbbddfdffd4a0577d9c85c&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=737a51fc-1064-4504-8af5-616a66198148&gdpr=0

Request Chain 132

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=a342c30599f05f148185fe3ee436052e1ab086f20e8f87e1513f52de8c3413dd&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b4b96232-f5b2-4600-a7da-972debc94c87&gdpr=0&gdpr_consent=

Request Chain 138

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBlYjhiOGNjYy1hNWNlLTExZWMtYjIyMy0wMmIwMjdjYzE5N2E%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFD92vKxU1gEaSIE0h2atZ4&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFD92vKxU1gEaSIE0h2atZ4&google_cver=1&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a

Request Chain 139

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YjL1swANrF99FwAy HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YjL1swANrF99FwAy&_origin=0&gdpr=1&gdpr_consent=&_test=YjL1swANrF99FwAy

Request Chain 140

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&_origin=1&gdpr=1&gdpr_consent=

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=67292e9395a6b8c27d0005b1727ac8259b2cc3e3774a6ef05226a119418d28f7&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?uid=67292e9395a6b8c27d0005b1727ac8259b2cc3e3774a6ef05226a119418d28f7&tpid=38&gdpr=0&tpuid=CAESEE1eT-vePUjcrSmOz3Zy1wc&google_cver=1

Request Chain 144

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=75&tpuid=8326691223526624621&gdpr=0

Request Chain 146

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=b738af9c5f9d0d5e35488100fc2a254836b5e091fe58bb83e4e327bba105760c&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=b738af9c5f9d0d5e35488100fc2a254836b5e091fe58bb83e4e327bba105760c&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/js?tpid=48&tpuid=d26a5ee3b035cbbaf1908f05baa01ee4

Request Chain 148

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D

Request Chain 150

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D

Request Chain 152

https://pr-bh.ybp.yahoo.com/sync/triplelift/3362274640445804373143?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bpiGHMBE2oSC_egG3bH6KTh8C2aeEh0UrD_LfbboLA--~A&dongle=0883

Request Chain 155

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3362274640445804373143 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3362274640445804373143&dcc=t

Request Chain 156

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 168

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E005B7DCD8E04FD694BF50EA97F106DA&RedC=c.clarity.ms&MXFR=25A81CA3A5A66EFA2FE80DC9A1A660EC HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E005B7DCD8E04FD694BF50EA97F106DA&MUID=075C0917B2F66CAA2626187DB3076DE0

183 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Redirect Chain

https://flip.it/oJJak3
https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

642 KB
131 KB

664ms
417ms

Document
text/html

44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fa799d5def88aed9d20aabd466618c633de6a8dd957cee82b6093ff30ea88520

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

server: nginx
date: Thu, 17 Mar 2022 08:47:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br

Redirect headers

content-type: text/html; charset=utf-8
content-length: 282
location: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
date: Thu, 17 Mar 2022 08:47:44 GMT
cache-control: public, max-age=3600
vary: Accept
x-xss-protection: 1
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: iK_2KnyR4FH-VQFPuhsWuORMsUh20TDrAuzrnRw74fz3xFcl9EwO7Q==

GET
H2 200 sms-2fa-bank-insecure.png
static1.anpoimages.com/wordpress/wp-content/uploads/2019/02/ 498 KB
499 KB 454ms
405ms Image
image/png 2606:4700:10::6816:4485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.anpoimages.com/wordpress/wp-content/uploads/2019/02/sms-2fa-bank-insecure.png?q=50&fit=contain&w=1500&h=&dpr=1.5
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4485 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772782bcee23ee0f1774ebf7f9dfeac01d8f4b7c6174c35d6e414ba21f3c17bd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
cf-cache-status: MISS
content-disposition: inline; filename="sms-2fa-bank-insecure.png"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 510105
x-request-id: EkkBQSoh9C2iQmDThqxbm
server: cloudflare
etag: 9aed4e103bdae320bc2d71a531bea408ad68bbd4ae2592c9faaaf527e4ba687b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ed477323d5559e9-MXP
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 a-article.32ab7f6b.css
www.androidpolice.com/public/build/ 187 KB
27 KB 209ms
209ms Stylesheet
text/css 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

db0dab7b649c716807caa2ef9b13c51cc48e98c5261c47f5aeb714d987e3008e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6231048a-2ea57"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:44 GMT

GET
H2 200 dfp.js Show response
www.androidpolice.com/public/build/ 36 B
509 B 132ms
130ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/dfp.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6231048a-24"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 valnet-header-ads.a8e17398.js Show response
www.androidpolice.com/public/build/ 3 KB
1 KB 133ms
130ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/valnet-header-ads.a8e17398.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8b0d1446f412484a2a7d1abb46ddc5de128d8aaf11b1fe04ac729ee4830c5e5b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6231048a-afe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 ck.5.js Show response
f.convertkit.com/ckjs/ 52 KB
14 KB 93ms
35ms Script
application/javascript 2606:4700::6812:ba39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f.convertkit.com/ckjs/ck.5.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ba39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7b7fb37ec681a6a1bd507ce80613c7343fb3b394b29e21e7b11d6a6df933f68

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 14:51:13 GMT
server: cloudflare
age: 2572
etag: W/"7f6a2b3f8f18a10fb2a520d097324cd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6ed47733fa86375d-MXP
x-amz-request-id: DD056DB2ZP5SD96G
x-amz-id-2: tOTGhDZ7dqL34M37U4xDAV5HFZXgQe7vYabPgyM/uUTkccogvZmLARpTq1ZIJ3db5/300ULSgwc=
expires: Thu, 17 Mar 2022 12:47:45 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/valnet/ 45 KB
19 KB 106ms
32ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/op.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7af60b64bb4b300d910a83625c0a3d7b1197bce0acb9d622ad704f7285d02a70

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: YkDXXTbOnFr9enCYZHqC8ywzsFV8cejG
content-encoding: gzip
etag: "b577313479ac4c24944f9e61c4fb8aea"
age: 2785
x-cache: Hit from cloudfront
content-length: 18579
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 16 Mar 2022 09:32:32 GMT
server: AmazonS3
date: Thu, 17 Mar 2022 08:01:21 GMT
content-type: application/javascript
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: 0dcLXaRZid429YhQiG7j4S5Y6lcKIBVpSoNTmH6dX1xGt0bQ547BfA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 138ms
77ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c28518dd8e8d30f17d37eaa30b09f00dd2cbeb3ab4b5fa0913fd922e1f60f569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54652
x-xss-protection: 0
server: cafe
etag: 15772746419381019231
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 44 KB
44 KB 125ms
49ms Script
text/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f2a3441f61d4c9e2b3eeb253795178613770516814dbd1d4d43526172d38ba5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/javascript; charset=utf-8
x-amz-cf-id: GHfcXBG8Uj2MruUrBzOGFyboh9GuRp9keWYB-yzBIdQizyIGXQMyhw==

GET
H2 200 valnet-footer.f1a74aa8.js Show response
www.androidpolice.com/public/build/ 211 KB
59 KB 117ms
115ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/valnet-footer.f1a74aa8.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b82b73f8a6f48e57c81f72701415829861dc435979814893c8b82aab6bc1ad9e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6231048a-34b02"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 valnet-footer-article.92f12ed7.js Show response
www.androidpolice.com/public/build/ 4 KB
2 KB 117ms
115ms Script
application/javascript 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/valnet-footer-article.92f12ed7.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fa7350aa203f13a5124664f3a31b60b6074cf7da52be06dd45b1fd6adff45b4f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"6231048a-11f1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H/1.1 200
OK count.js Show response
androidpolice.disqus.com/ 1 KB
2 KB 68ms
16ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 272
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 11 Mar 2022 23:05:12 GMT
Server: nginx
ETag: "622bd5a8-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: iVkPKYL_PObQfTnbd0URVrjjcFb6wnPdDE7NZ1UIhtGhSQNFo6u3DA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
38ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2579
date: Thu, 17 Mar 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Mar 2022 10:04:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
58 KB 106ms
47ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PQPCZ5S

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45b9e13d4fa664b53dc044e0b6947a544e76a40edf19ac9b08aae3209e4c115d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59156
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H/1.1 200
OK narrativ-pub.1.0.0.js Show response
static.narrativ.com/tags/ 38 KB
39 KB 124ms
41ms Script
application/octet-stream 18.64.115.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-87.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f567c55b5c79aa9f39aab2be1238d660b7a6bb498c3c0d822a878cf2736d2a95

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 04:59:05 GMT
Via: 1.1 f457b4e0db5ab2b66536f068ee4589c0.cloudfront.net (CloudFront)
Last-Modified: Fri, 25 Feb 2022 15:17:49 GMT
Server: AmazonS3
Age: 13721
ETag: "86a8016aa913f61d79ac86e9569ba385"
X-Cache: Hit from cloudfront
Content-Type: application/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: TXL50-P4
Content-Length: 39367
X-Amz-Cf-Id: O9VFD-eE_4WdW-xfSSeAU8-yK9faod9cfjE-jIvfP-GPB1VOU1eYsQ==

GET
H2 200 v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg Show response
scarfsmash.com/ 522 KB
90 KB 300ms
228ms Script
text/javascript 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

5ebf783622eed429742da99882ee64040d2d79693868a9079863b2f8c757d8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "2d51d0ea61477a2a23fb9556d7cbe0da9c78113918651d40725d7f06fa800596"
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-n4tq
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 17 Mar 2022 08:47:45 GMT
x-buildnumber: 491834569
timing-allow-origin: *

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 5 KB
5 KB 619ms
198ms Script
application/javascript 35.84.228.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&ref=
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.228.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-228-30.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e02f25db92329940496c02164af1af628953d514893951c784d4d643e4a0df21

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
server: nginx/1.18.0
content-length: 5273
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56c78d69ee5d00d18d707886e102c7d4178063365d99cf4ab03061a7398ba073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27792
x-xss-protection: 0
server: sffe
etag: "1160 / 92 of 1000 / last-modified: 1647468398"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 128ms
41ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 484
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0RXY05EQZXTHNF0YPT61
date: Thu, 17 Mar 2022 08:39:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Q884eJM3bSKU3q-sPCGCHpZcmwokxKAJgxweEhL16Ce9tYd1qrkL2Q==

GET
H2 200 ap-logo-full-colored-dark-ukr.566b608c.svg
www.androidpolice.com/public/build/images/ 5 KB
2 KB 130ms
130ms Image
image/svg+xml 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.androidpolice.com/public/build/images/ap-logo-full-colored-dark-ukr.566b608c.svg

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

480ec605663d6d4099ac88df797be15349e23e54dfd48345909c9df9eb7373cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62310489-1314"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 Gilroy-Bold.3834bcd8.woff2
www.androidpolice.com/public/build/fonts/ 31 KB
31 KB 129ms
129ms Font
font/woff2 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/Gilroy-Bold.3834bcd8.woff2

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e8fd802ce5042d308a2d650c3db8f60b2bd3b884f34d6ceabe0631a3a9e226f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
x-content-type-options: nosniff
content-length: 31380
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62310489-7a94"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 icomoon.f6f8c0b4.woff
www.androidpolice.com/public/build/fonts/ 16 KB
16 KB 129ms
128ms Font
font/woff 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/icomoon.f6f8c0b4.woff

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

81a308fdc81ba9f72dd686a167c292bfd1c15d190d09d7846927ee475fc3b3ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
x-content-type-options: nosniff
content-length: 15976
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62310489-3e68"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 Gilroy-Medium.0ba01f1d.woff2
www.androidpolice.com/public/build/fonts/ 30 KB
31 KB 117ms
117ms Font
font/woff2 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/Gilroy-Medium.0ba01f1d.woff2

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9115bbf3b3dee88764e74ecdf31c2234ece91aa42a596a1d3ba11925662777ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
x-content-type-options: nosniff
content-length: 31156
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62310489-79b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 Gilroy-Bold_italic.d2a25e8b.woff2
www.androidpolice.com/public/build/fonts/ 33 KB
34 KB 186ms
185ms Font
font/woff2 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/public/build/fonts/Gilroy-Bold_italic.d2a25e8b.woff2

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8de54c7f2a14946bea6b5a163956b2fb8ef2d2394318556fa4a3188890bdeb36

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
x-content-type-options: nosniff
content-length: 33896
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "62310489-8468"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
accept-ranges: bytes
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 7A0F 5 KB
5 KB 40ms
40ms Script
text/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27d0928ad984f61f353f599535c36f982a29abaf67701fc647573f4bf424f69f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/javascript; charset=utf-8
x-amz-cf-id: uhNMtL1mk_sLr7QkdOQVflDP9-zTVUJqRFcBoRrmc12lVbR1OMm2Ww==

GET
H2 200 segments.js Show response
seg.ad.gt/api/v1/ 102 B
199 B 602ms
203ms Script
application/javascript 52.25.88.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.88.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-88-123.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 0c2dec85335834c0973ab0c4a4b47044c87504ee8435fd89a1ab997348be6ed5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: application/javascript

GET
H2 200 ap-logo-full-white.dcd167c8.svg
www.androidpolice.com/public/build/images/ 5 KB
2 KB 116ms
115ms Image
image/svg+xml 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.androidpolice.com/public/build/images/ap-logo-full-white.dcd167c8.svg

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

daac16a8dcbf772343d560088f23516e8235ab8c3450cae85cc1c61ad4aa6db2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/public/build/a-article.32ab7f6b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Mar 2022 21:26:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62310489-1262"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 b-7b120a5-0a477631.js Show response
tagan.adlightning.com/valnet/ 73 KB
28 KB 32ms
32ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/b-7b120a5-0a477631.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46e15ddd3f3583786961d72eb1a81b34bc9dad89240a461dcf02b43c6aa9e9c7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:49:40 GMT
content-encoding: gzip
age: 7520285
x-cache: Hit from cloudfront
content-length: 28013
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 20:29:14 GMT
server: AmazonS3
etag: "4675e7fa49e7c0ac9234b8fdf094591d"
x-amz-version-id: 7LhAmE_DVksgARINqWh9rINHREPkIDVQ
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BIu22GIwIWsuv77GLPD1UJuWVQNL-M7CzUXx_8cYeYUyzUdYDBnkVw==

GET
H2 200 bl-92ee7c4-446cc315.js Show response
tagan.adlightning.com/valnet/ 119 KB
36 KB 41ms
41ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/bl-92ee7c4-446cc315.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e8ca41e0cd7a439fea3e13cd3ca96e1486dba5f840683a97f2e71c8453988c0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:50:35 GMT
content-encoding: gzip
age: 82631
x-cache: Hit from cloudfront
content-length: 36573
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 09:31:33 GMT
server: AmazonS3
etag: "35a791e9445383151f47ea50ee36682e"
x-amz-version-id: EbKQ0zbuIT5i6EzBMvcXlvVex5_yi05E
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: XzmFt2nux1KVNiIqps6VURNsdqjcq4RQvcVNnYXUxUVwo18FCSGJvA==

GET
H/1.1 200
OK count-data.js Show response
androidpolice.disqus.com/ 1 KB
2 KB 171ms
171ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Famazon-fire-tv-omni-series-smart-tv-deals%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Farm-slashes-workforce-after-regulators-kill-nvidia-deal%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fbest-usb-c-cables%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fchromebook-radiance-wallpapers%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fchrono-trigger-will-finally-receive-a-substantial-update-after-years-of-silence-from-square-enix%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Ffiio-btr5-2021-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fgoogle-promises-to-finally-start-showing-tablets-some-play-store-love%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fharry-potter-magic-awakened-guide%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fhow-to-extend-your-samsung-phones-battery-life%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f5cf8fa362de8f59775b5f979ac2db8d69db4fe01fc7f55f70c62acd8d10526

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1265
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
androidpolice.disqus.com/ 1 KB
2 KB 189ms
158ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Fiqoo-9-pro-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fnetflix-is-thinking-about-charging-you-extra-for-sharing-your-account%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Foneplus-9-pro-big-march-sale%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Foneplus-nord-ce-2-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fosom-ov1-specs-stainless-steel-titainium-ceramic%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Frussian-2fa-hackers%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-galaxy-s22-plus-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fsamsung-galaxy-tab-s8-plus-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fthe-google-io-puzzle-for-2022%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Ftrade-in-your-ancient-samsung-galaxy-phone-for-a-free-galaxy-s22-at-att%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

201fb872946b887978ab032f9f454cc9eae3f3c19056ace8d1db48a9f0acf1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 1051
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
androidpolice.disqus.com/ 444 B
1 KB 47ms
16ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://androidpolice.disqus.com/count-data.js?2=https%3A%2F%2Fwww.androidpolice.com%2Fxiaomi-12-pro-review%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fxiaomi-buds-3t-pro-watch-s1-active-announced%2F&2=https%3A%2F%2Fwww.androidpolice.com%2Fyoutube-tv-pip-guide%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e57a28730f72b49dbe1e83e713021f9ccba87bbd96b305545a1eaba794099b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 1589
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 444
X-XSS-Protection: 1; mode=block

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
536 B 109ms
33ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.androidpolice.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 pubads_impl_2022030901.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
121 KB 129ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123713
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 09:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Mar 2023 07:01:36 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 329 B
797 B 130ms
49ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.androidpolice.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7ea26c2e155afa821d8a157303a6dc302c9d1740b36ae5313f0ece87a60c1e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161
x-xss-protection: 0
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame 7A0F 19 KB
6 KB 35ms
34ms Script
application/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: gOQtxMwuADBcseze42YD7h9HwVvZBF2peNTYqOKZn6TRgnDf_uf-qA==
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame 7A0F 9 KB
3 KB 36ms
35ms Script
application/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6024fccc-228f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: Djc1ytthH3cVGsLJVkqxRiw6zh0vIpsuYhiaCDU5G6hG7EQ8AZ-Gbw==
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame 7A0F 8 KB
3 KB 36ms
35ms Script
application/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6024fccc-1ef8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: u9s8iFn8QQYztk0XTHbsV_1-RUhoi_COeuCUKetSCJaUr3Vv4YSOaw==
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 hls.0.12.4_2.min.js Show response
live.primis.tech/content/video/hls/ Frame 7A0F 256 KB
71 KB 35ms
34ms Script
application/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:44 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 08:36:05 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"5f34fb75-3ff27"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-id: zBZLBumjt-iuXnch2hDiSyIq3K59JRyRUVWszDMAB4yoCWV4e57qLw==
expires: Fri, 17 Mar 2023 08:47:44 GMT

GET
H2 200 prebidVid.5.18.0_10.min.js Show response
live.primis.tech/content/prebid/ Frame 7A0F 481 KB
482 KB 53ms
52ms Script
application/javascript 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6878481c0ef11e3936b1cfa40514841cd398302508e0ef56b830f86e471718e1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 12:54:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: "6231de18-78386"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 492422
x-amz-cf-id: SzRdj2JUD3RH9t9ZH0q0Pfb7VgOEw5iRD_3H0HkcznMYV5PTv4DE7g==
expires: Fri, 17 Mar 2023 08:47:45 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame 7A0F 530 KB
531 KB 71ms
71ms Script
text/html 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30332D31375F31307D7B7331363734393939317D7B433136347D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A24%3A44%3A%3A17&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6232f5b15244b&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108500&subId=[AP-Reg-Org]&x=600&y=338&cbuster=1647506865&pubUrlAuto=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&isDoublePreroll=1&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a36b232778d3599e81a292de7e7092989c0c4a01d3df2775bd8d08ff258ca4b4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:44 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: l5UBMuU502uV4cEjN1w9SocnDoCPF4otAQFJJTfjc4RSt0T8YMgr8w==
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 294 KB
106 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8382598503519971&plah=www.androidpolice.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5969141c63e20f710f22ed12f9564c8bc139520e14c12a4f16053a1034a6265f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108579
x-xss-protection: 0
server: cafe
etag: 12985863494985530864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220315/r20190131/ Frame EECE 10 KB
5 KB 100ms
39ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220315/r20190131/zrt_lookup.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 17 Mar 2022 00:07:10 GMT
expires: Thu, 31 Mar 2022 00:07:10 GMT
cache-control: public, max-age=1209600
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
age: 31235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQPCZ5S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f63a44e181aba94cec6e9f333ab960f197d40a52856e9a0c498c05159d00f48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64463
x-xss-protection: 0
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

4 KB
2 KB

28ms
28ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4775434
fly-request-id: 01FSX6RSS0FHBQ6KRMPJWR4WR9
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ed47737ab2de907-MXP

Redirect headers

date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FYBGPTJM5X9DQ250XRM9FWY1-fra
server: cloudflare
age: 283
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6ed47735a80be907-MXP
access-control-allow-origin: *

GET
H2 200 8uhibhcqnt Show response
www.clarity.ms/tag/ 664 B
1 KB 234ms
142ms Script
application/x-javascript 2620:1ec:27::cafe:2250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/8uhibhcqnt?ref=gtm2
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2250 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 29a13bd46f1aef9f17946d38926841937758b9f20e1e45c986e5629ae70d3429

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:44 GMT
x-powered-by: ASP.NET
x-azure-ref: 0sfUyYgAAAACSMN7BQ0O2S6c3kPa164TaQlJVMzBFREdFMDcxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 964 B
1 KB 153ms
152ms XHR
application/json 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fwww.androidpolice.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 955dd368bec858f5ab6c2c4c1bc73d4299d69d387c7a36046fe80501fff14167

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:44 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 964
x-amz-cf-id: bwVkRtg7mzSQ8FH3QuLwOZA58yKKTl8dROBR5pGUYS1Dkh9ysGvFtA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 150ms
60ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:25:02 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 22964
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: L_yxLs-LSfMKcU60tqysJ7YmilU3Fo7P0I5Y7bUhwEUhPRrSyyQHDg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.it/v1/ 3 B
465 B 132ms
43ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.it/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.androidpolice.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 105ms
24ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Thu, 17 Mar 2022 09:02:45 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 129ms
53ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Thu, 17 Mar 2022 08:30:42 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 11181
x-request-id: 940378657

GET
H2 200 acv.json Show response
scarfsmash.com/ 210 KB
46 KB 88ms
36ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/acv.json

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
last-modified: Fri, 04 Feb 2022 18:26:27 GMT
x-datacenter: gce-europe-west1
date: Thu, 17 Mar 2022 08:47:45 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-spot-n4tq
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 491834569
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
accept-ranges: bytes

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 121ms
23ms Image
image/gif 2600:9000:223f:9a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:9a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
age: 19240391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: sBy_TfNovblpnyzGsKaxchvSOxI57-z-QkR3AFJV1V4jSTyV4qlyhg==

GET
H2 200 clarity.js Show response
l.clarity.ms/s/0.6.31/ 52 KB
23 KB 343ms
112ms Script
application/javascript 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8uhibhcqnt?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-encoding: br
etag: "1d8380e6acd1e00"
last-modified: Tue, 15 Mar 2022 01:45:58 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 72ms
36ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6Y5Q4PR4RC&gtm=2oe3e0&_p=1485460906&sr=1600x1200&ul=en-us&cid=961791858.1647506866&_s=1&dl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&dt=US%20carriers%20close%20security%20loophole%20that%20allowed%20easy%20SMS%20hijack&sid=1647506865&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
18 KB 35ms
35ms Stylesheet
text/css 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 07:06:30 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: "620367f6-465a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 18010
x-amz-cf-id: 0P_E_OKxp4HawxG3O7CT1ayjmN6tUZqv-uvFDfJB3-e_ZEe1qKLj-A==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 7A0F 134 KB
36 KB 40ms
40ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30332D31375F31307D7B7331363734393939317D7B433136347D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A24%3A44%3A%3A17&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6232f5b15244b&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 484
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0RXY05EQZXTHNF0YPT61
date: Thu, 17 Mar 2022 08:39:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gYgBySbujPbG2EiVA3YKvu4bsngjWs_YBfE5dlfo-_z_LCYpTri01A==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
933 B 106ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 08:46:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 08:47:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 08:47:46 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B00D 15 KB
6 KB 99ms
28ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=100596
expires: Fri, 18 Mar 2022 12:44:22 GMT
date: Thu, 17 Mar 2022 08:47:46 GMT
vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame D3BC
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=94&advUuid=eab83c48-a5ce-11ec-aa3c-16a7f9820506

0
332 B

36ms
35ms

Document
text/html

2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=94&advUuid=eab83c48-a5ce-11ec-aa3c-16a7f9820506
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

content-type: text/html; charset=utf-8
server: nginx
date: Thu, 17 Mar 2022 08:47:45 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: rOb_McH4262xT_tdw3YpgzRNKTY4_yTZOxldMVsnHFScZ5503wC-vw==
age: 0

Redirect headers

Server: nginx
Date: Thu, 17 Mar 2022 08:47:46 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=94&advUuid=eab83c48-a5ce-11ec-aa3c-16a7f9820506
X-fe: 7
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 5E8F 43 B
305 B 77ms
39ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Thu, 17 Mar 2022 08:47:46 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 89B8 2 KB
1 KB 158ms
39ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 0cf716e9d1ee24234277e142d1893ee679ae787d6f114b9ca7701ad6b89c3f14

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

Server: Adtelligent
Date: Thu, 17 Mar 2022 08:47:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 872
Access-Control-Allow-Origin: https://www.androidpolice.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 7A0F 50 KB
7 KB 74ms
74ms XHR
application/json 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2RxMGFuODJxMTp2MwUmODE4Lz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDM3JaZcZF9wo250ZW50X2Ryp2M9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsqGy0oGU9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsZHVlYXRco249NDxkJzRyYaVaSW5zo3JgYXRco249Jat9NwAjJax9MmM4JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRwIjMwEyMxYjMlUlRwI5JTJGq2ucqGUgnGF0LWuuY2gypv1coaZyp3RcZ2F0nW9hLWNup3RmLWV2ZW4goW9lZS1xo3VvqC1iov1moXMgYzFmZWQgMzZuLW1yqGuiZHMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMmJEMmEmNmVGMmEmMDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmMTM2MmQ3RDqCNTM1OTU4NDE3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmxmMmY0MmM2Mmp1NTx1NmM1NxI2MmZEMmx3MDVBNDt0Mwp2NwI0NmZDNxE1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTMmMmMmODqEN0I2NwMkN0Q3QwRDMmEmMTM0MmMmMmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NDUhNDplMvZaZW9Mo25aPTxhMTxlMvZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElNCUmQTQ0JTNBJTNBMTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx5LwAhNDt0NC41MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwMlZwVvMTUlNDRvJzNvqXN0ZXI9MTY0NmUjNwt2NwAjMlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30332D31375F31307D7B7331363734393939317D7B433136347D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A24%3A44%3A%3A17&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6232f5b15244b&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a4544707c1ec8b6f7f7dcc25586ea7eb87611291240343bc22dbec742116cee

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
content-type: application/json; charset=utf-8
content-length: 6674
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id: kVdviT7PsKDgf4hpyC2EdK5uNI6tdA9JnUy8aGqnjWUMB4pjcJZ1YA==

GET
H2 200 logo_11433.png
video.primis.tech/uploads/video/users/logo/30875/ 1 KB
2 KB 137ms
39ms Image
image/png 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/video/users/logo/30875/logo_11433.png?cbuster=1631179290
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 2d982a78b1da56ba84ff4f57aad9715cef56b27e56f4ed18f5b831a0f4d7d2e6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Thu, 09 Sep 2021 09:21:30 GMT
server: Tengine
x-amz-cf-pop: FRA60-P3
etag: "8aa2d39c821a27affdb7f7a98e4b58a2"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 31 Mar 2022 08:47:46 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1239
x-amz-cf-id: oyfKMsqjL1gGRvmRefOfgJJ_y4FGKONZFrpKP0GCVwDNYe1ADxi0LQ==
x-proxy-cache: HIT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
355 B 37ms
36ms Image
text/html 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0NmUjNwt2NSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NTAjJaN0YT0jJat9NwAjJax9MmM4JaZcZF9jYXNmRG9gYWyhPXq3ql5uozRlo2yxpG9fnWNyLzNioSZmqWJJZD1upC1lZWpgo3JaX3q3ql5uozRlo2yxpG9fnWNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMjMmMlRDMkMmp1RwMkMmA3RDqCNmMmMTM2MmpmNDM5MmxmOTMkN0Q3QwQmMmEmNwM0N0Q3QwUmNTx1ODQkNmQ2MmZENTY2RTRDNTpmOTp5NUEmMTM5MmM2NDMmNwM3NTU5NTpmNTZCNwM2RDM5NmA1QTQ4NDI3NwYlNDp2QmZBNUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmMmMmMmt3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmM3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTI0JTNBNDQyM0EyM0EkNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5OS4jLwQ4NDQhNTEyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlMmJzNWIkNTI0NGIzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0NmUjNwt2NTx4OCZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwMlZwVvMTqzMzVvJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRwIjMwEyMxYjMlUlRwI5JTJGq2ucqGUgnGF0LWuuY2gypv1coaZyp3RcZ2F0nW9hLWNup3RmLWV2ZW4goW9lZS1xo3VvqC1iov1moXMgYzFmZWQgMzZuLW1yqGuiZHMyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/html; charset=UTF-8
x-amz-cf-id: oiBsWj8KRzNscFrs5tRNzbUjoUyuJTpHJqVfXGAADAaqjfy2bJUaAg==

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7A0F 43 B
220 B 140ms
27ms Image
image/gif 18.197.240.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.240.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 7A0F
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=93&advUuid=ee4ce7eb-c320-45df-a6f8-e7205ffe92c5

0
332 B

37ms
36ms

Image
text/html

2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=93&advUuid=ee4ce7eb-c320-45df-a6f8-e7205ffe92c5
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/html; charset=utf-8
x-amz-cf-id: 2mpQi92NJBRndvPImUqu6YGwVt52ytEuAo-v3dObtF1zGIJmD2UUYw==

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=93&advUuid=ee4ce7eb-c320-45df-a6f8-e7205ffe92c5
date: Thu, 17 Mar 2022 08:47:46 GMT
server: _
content-length: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 7A0F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=99&advUuid=YjL1sjgwjUjBtcCXOQsMrgAAAqwAAAAB

0
332 B

36ms
36ms

Image
text/html

2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=99&advUuid=YjL1sjgwjUjBtcCXOQsMrgAAAqwAAAAB
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/html; charset=utf-8
x-amz-cf-id: SoS8uZMY_ftZZ2ThgFFNLoqF3mnP67Gqa_1NMuJb0fOq1UuRqoIqDw==

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=99&advUuid=YjL1sjgwjUjBtcCXOQsMrgAAAqwAAAAB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Expires: Thu, 17 Mar 2022 08:47:46 GMT

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 7A0F
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3362274640445...

0
331 B

36ms
36ms

Image
text/html

2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3362274640445804373143&advId=121&advUuid=3362274640445804373143
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/html; charset=utf-8
x-amz-cf-id: msY2mOp2OHHM77mwJv7sHct4zK39eCeUZ7nR6zpLIGlCm83zycgStg==

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D3362274640445804373143&advId=121&advUuid=3362274640445804373143
date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 7A0F 0
239 B 110ms
27ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 7A0F
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D6232f5b15244b%2526pixel%253D%2526advId%253D105%2526ad...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=105&advUuid=8326691223526624621

0
332 B

35ms
35ms

Image
text/html

2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=105&advUuid=8326691223526624621
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-pop: FRA60-P3
content-type: text/html; charset=utf-8
x-amz-cf-id: qDI_MFS_2sFWtHGo0eN1EYmfyYSvWeff_sOhKxWdy8nCa1f3LJFbpw==

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:46 GMT
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5baafe65-bfdc-48c7-962b-7787aedf09c8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6232f5b15244b&pixel=&advId=105&advUuid=8326691223526624621
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vid6135cdd0aa82d176253818.jpg
video.primis.tech/uploads/cn7/video/users/converted/30875/video_6135c3ae46289537299997/ 8 KB
8 KB 137ms
40ms Image
image/jpeg 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn7/video/users/converted/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.jpg?cbuster=1630916054
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: abf89cea82a0ed0edf2a63b7f1aa587bea8f6dcbe393265c93f264b021264c40

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 08:15:46 GMT
server: Tengine
x-amz-cf-pop: FRA60-P3
etag: "d693c8381e94168542c16707c932e324"
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Mar 2022 08:47:46 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 7699
x-amz-cf-id: rjmiUNE0I5gNl2NtIvSAbjWhe7pnwFNGJ2e_3yTYVwlsGCBtBq8JOw==
x-proxy-cache: HIT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 7A0F 81 KB
9 KB 95ms
95ms XHR
application/json 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2RxMGFuODJxMTp2MwUmODE4Lz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDM3JaZcZF9wo250ZW50X2Ryp2M9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsqGy0oGU9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsZHVlYXRco249NDxkJzRyYaVaSW5zo3JgYXRco249Jat9NTAjJax9MwtkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRwIjMwEyMxYjMlUlRwI5JTJGq2ucqGUgnGF0LWuuY2gypv1coaZyp3RcZ2F0nW9hLWNup3RmLWV2ZW4goW9lZS1xo3VvqC1iov1moXMgYzFmZWQgMzZuLW1yqGuiZHMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMmJEMmEmNmVGMmEmMDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmMTM2MmQ3RDqCNTM1OTU4NDE3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmxmMmY0MmM2Mmp1NTx1NmM1NxI2MmZEMmx3MDVBNDt0Mwp2NwI0NmZDNxE1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTMmMmMmODqEN0I2NwMkN0Q3QwRDMmEmMTM0MmMmMmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NDUhNDplMvZaZW9Mo25aPTxhMTxlMvZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElNCUmQTQ0JTNBJTNBMTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx5LwAhNDt0NC41MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwMlZwVvMTUlNDRvJzNvqXN0ZXI9MTY0NmUjNwt2NwAkNSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30332D31375F31307D7B7331363734393939317D7B433136347D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A24%3A44%3A%3A17&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6232f5b15244b&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c85ed6f1f083e8537fa04ba61fbb850d5a1a7135ecd895a04a7a112023d4907

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
content-type: application/json; charset=utf-8
content-length: 8645
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id: 46V7QRiiAlkEhy18GaOOEfOVUEJTlGf825BgSRjgEZb7ghGmISunZA==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 7A0F 81 KB
9 KB 88ms
88ms XHR
application/json 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2RxMGFuODJxMTp2MwUmODE4Lz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDM3JaZcZF9wo250ZW50X2Ryp2M9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsqGy0oGU9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsZHVlYXRco249NDxkJzRyYaVaSW5zo3JgYXRco249Jat9MmQjJax9MTxkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRwIjMwEyMxYjMlUlRwI5JTJGq2ucqGUgnGF0LWuuY2gypv1coaZyp3RcZ2F0nW9hLWNup3RmLWV2ZW4goW9lZS1xo3VvqC1iov1moXMgYzFmZWQgMzZuLW1yqGuiZHMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMmJEMmEmNmVGMmEmMDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmMTM2MmQ3RDqCNTM1OTU4NDE3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmxmMmY0MmM2Mmp1NTx1NmM1NxI2MmZEMmx3MDVBNDt0Mwp2NwI0NmZDNxE1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTMmMmMmODqEN0I2NwMkN0Q3QwRDMmEmMTM0MmMmMmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NDUhNDplMvZaZW9Mo25aPTxhMTxlMvZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElNCUmQTQ0JTNBJTNBMTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx5LwAhNDt0NC41MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwMlZwVvMTUlNDRvJzNvqXN0ZXI9MTY0NmUjNwt2NwAkNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30332D31375F31307D7B7331363734393939317D7B433136347D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A24%3A44%3A%3A17&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6232f5b15244b&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c657076104f772db7516b5a885bb536180b933c302ba7ca1efd3df51cebb6e1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
content-type: application/json; charset=utf-8
content-length: 8641
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id: spVtJazGn_6IJUe7uJm19xCrIc2-hGyIj8ExiawmzgWB2ZOu_I2M4w==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 7A0F 50 KB
7 KB 64ms
63ms XHR
application/json 2600:9000:2251:e400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNlUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMDt3NSUlRaZcZGViXmYkMmVwM2FyNDYlODx1MmplOTx5OTpyMxZ2nWQ2MTM1Y2RxMGFuODJxMTp2MwUmODE4Lz1jNCZ2nWRsY29hqGVhqF9cZD0kODA3NDM3JaZcZF9wo250ZW50X2Ryp2M9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsqGy0oGU9QzVmqCgBozRlo2yxK1Biq2VlK1VmZXIeRzVuqHVlZXMeqGuuqCg5o3UeRz9lZ290K0V4nXN0ZWQzqzyxX2NioaRyoaRsZHVlYXRco249NDxkJzRyYaVaSW5zo3JgYXRco249Jat9NTAjJax9MwtkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5uozRlo2yxpG9fnWNyLzNioSUlRwIjMwEyMxYjMlUlRwI5JTJGq2ucqGUgnGF0LWuuY2gypv1coaZyp3RcZ2F0nW9hLWNup3RmLWV2ZW4goW9lZS1xo3VvqC1iov1moXMgYzFmZWQgMzZuLW1yqGuiZHMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMmJEMmEmNmVGMmEmMDqEN0I3MmMkMmYmNmM0MmxmOTM5MmE3RDqCNDMmMTM2MmQ3RDqCNTM1OTU4NDE3NDYmNxQ1NwZFNEM1NmM5Nmx1QTMkMmxmMmY0MmM2Mmp1NTx1NmM1NxI2MmZEMmx3MDVBNDt0Mwp2NwI0NmZDNxE1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTMmMmMmODqEN0I2NwMkN0Q3QwRDMmEmMTM0MmMmMmqERxVGRSZcp0FjpD0jJzqyo0kuqGx9NDUhNDplMvZaZW9Mo25aPTxhMTxlMvZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElNCUmQTQ0JTNBJTNBMTpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx5LwAhNDt0NC41MSgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MwMlZwVvMTUlNDRvJzNvqXN0ZXI9MTY0NmUjNwt2NwAkNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30332D31375F31307D7B7331363734393939317D7B433136347D7B5359584174636D566E4C5739795A313933643363755957356B636D39705A48427662476C6A5A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593333387D7B66317D7B4C31313433337DFEFE&userIpAddr=2001%3Aac8%3A24%3A44%3A%3A17&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=40&c2pWaitTime=5&isSinglePageFloatSupport=0&csuuid=6232f5b15244b&debugInfo=16749991_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749991&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4dzjowrqnk&secondaryContent=&x=600&y=338&pubUrl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=45.4722&geoLong=9.1922&vpTemplate=11433&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=ap-reg-org_www.androidpolice.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:e400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 063873bd79ab28173fcc9b23167b02683b7e759399b190dd3aec6057ee7e59a6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
content-encoding: gzip
server: nginx
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
content-type: application/json; charset=utf-8
content-length: 6491
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-id: CGcFLGEJs8T191mLwuh9J-CS_2vkBiftwtMZvMOBxa8Zb3LwhydArg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 35ms
35ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1485460906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&ul=en-us&de=UTF-8&dt=US%20carriers%20close%20security%20loophole%20that%20allowed%20easy%20SMS%20hijack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KADAAEABEAQCAC~&jid=1997657470&gjid=404668736&cid=961791858.1647506866&tid=UA-6275685-2&_gid=1104425434.1647506866&_r=1&_slc=1&cd1=765030&cd2=michael-crider&cd3=&cd4=News&cd5=News&cd6=regular&cd7=0&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=765030&cd15=michael-crider&cd16=&cd17=artem-russakovskii&cd18=regular&cd19=all&cd20=false&cd21=0&cd22=false&cd23=native&cd24=desktop&cd25=192.145.127.213&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd27=20-24&cd28=20210316&cd29=&cd30=other&cd31=News&cd32=%7CNews%7CSecurity%7Csms%7Ctwo-factor%20authentication%7C2fa%7C&cd33=O&cd34=showAds&cd35=false&cd36=content-all&cd38=software&cd39=News&cd40=Short-Term&z=147729785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 110ms
27ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://www.androidpolice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-length: 0
server: ATS/9.1.0.33
access-control-allow-origin: https://www.androidpolice.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 7A0F 0
120 B 115ms
31ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Thu, 17 Mar 2022 08:47:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 7A0F 19 B
492 B 109ms
50ms XHR
application/json 3.65.41.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&tmax=3000&gdpr=true

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.41.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-41-107.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 7A0F 0
198 B 167ms
115ms XHR
text/plain 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
x-openrtb-version: 2.5
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Thu, 17 Mar 2022 08:47:46 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 7A0F 0
222 B 165ms
66ms XHR
application/json 3.122.136.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.androidpolice.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 7A0F 173 B
407 B 119ms
28ms XHR
application/json 3.122.66.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.66.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-66-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b622aea6246d71f5e8bf78d704d2cbb557477dd2663a792e72742ce26a7a7c40

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
content-encoding: gzip
x-prebid: pbs-java/1.84.0
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H/1.1 204
No Content 318113 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 7A0F 0
1 KB 247ms
116ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/318113?src_sys=prebid
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 17 Mar 2022 08:47:46 GMT
X-SpotX-Timing-Transform: 0.001373
X-SpotX-Timing-SpotMarket: 0.078696
X-SpotX-Timing-Page-Mux: 0.000284
X-SpotX-Timing-Page-Require: 0.000341
X-fe: 107
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000030
X-SpotX-Timing-Page: 0.084014
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000329
Last-Modified: Thu, 17 Mar 2022 08:47:46 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.013212
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.androidpolice.com
X-SpotX-Timing-Page-Misc: 0.002947
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.065484
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 83ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:44 GMT
x-content-type-options: nosniff
age: 47762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:44 GMT

GET
H2 200 269 Show response
p.ad.gt/api/v1/p/ 27 KB
9 KB 584ms
194ms Script
application/javascript 54.186.216.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/269
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.216.34 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-216-34.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 0f0ac0c5c69f33d5b679d517a7f8921c7711bd764e3a3dd900d08e329b22bbc3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 15:36:44 GMT
server: nginx/1.18.0
etag: W/"1647445004.0-27683-2713389681"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 17 Mar 2022 20:47:46 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
6 KB 789ms
389ms Script
application/javascript 44.237.120.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.120.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-120-80.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e42808d7e52317336b8ce5e70efec1e44875ab17d58f9a3640bace9b7e314950

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
last-modified: Wed, 16 Mar 2022 21:21:48 GMT
server: nginx/1.20.0
content-type: application/javascript; charset=utf-8
cache-control: no-cache
origin-trial
content-disposition: inline; filename=halo02.js
content-length: 5763

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001647506866-CLJE11L9-46GH&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001647506866-CLJE11L9-46GH&adnxs_id=8326691223526624621

43 B
567 B

753ms
372ms

Image
image/gif

44.240.184.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001647506866-CLJE11L9-46GH&adnxs_id=8326691223526624621
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Thu, 17 Mar 2022 20:47:46 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:46 GMT
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 820a375c-c924-490e-b1af-643269de42d5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001647506866-CLJE11L9-46GH&adnxs_id=8326691223526624621
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001647506866-CLJE11L9-46GH
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=AU1D-0100-001647506866-CLJE11L9-46GH
https://ids.ad.gt/api/v1/t_match?tdid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&id=AU1D-0100-001647506866-CLJE11L9-46GH

43 B
572 B

394ms
189ms

Image
image/gif

44.240.184.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&id=AU1D-0100-001647506866-CLJE11L9-46GH
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Thu, 17 Mar 2022 20:47:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&id=AU1D-0100-001647506866-CLJE11L9-46GH
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001647506866-CLJE11L9-46GH
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001647506866-CLJE11L9-46GH
https://ids.ad.gt/api/v1/pbm_match?pbm=E1BA56A0-91C0-4960-B860-893E471C5FA3&id=AU1D-0100-001647506866-CLJE11L9-46GH

43 B
573 B

443ms
190ms

Image
image/gif

44.240.184.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=E1BA56A0-91C0-4960-B860-893E471C5FA3&id=AU1D-0100-001647506866-CLJE11L9-46GH
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Thu, 17 Mar 2022 20:47:46 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=E1BA56A0-91C0-4960-B860-893E471C5FA3&id=AU1D-0100-001647506866-CLJE11L9-46GH
date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001647506866-CLJE11L9-46GH
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001647506866-CLJE11L9-46GH&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&google_gid=CAESELD7zbP07vuLFbVBPauFBhA&google_cver=1&google_ula=450542624,0

43 B
573 B

373ms
190ms

Image
image/gif

44.240.184.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&google_gid=CAESELD7zbP07vuLFbVBPauFBhA&google_cver=1&google_ula=450542624,0
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Thu, 17 Mar 2022 20:47:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&google_gid=CAESELD7zbP07vuLFbVBPauFBhA&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001647506866-CLJE11L9-46GH
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0NzUwNjg2Ni1DTEpFMTFMOS00NkdI

170 B
188 B

41ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0NzUwNjg2Ni1DTEpFMTFMOS00NkdI

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY0NzUwNjg2Ni1DTEpFMTFMOS00NkdI
date: Thu, 17 Mar 2022 08:47:46 GMT
server: nginx/1.20.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001647506866-CLJE11L9-46GH
https://ids.ad.gt/api/v1/mediamath_match?user_id=b4b96232-f5b2-4600-a7da-972debc94c87&id=AU1D-0100-001647506866-CLJE11L9-46GH

43 B
485 B

317ms
189ms

Image
image/gif

44.240.184.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=b4b96232-f5b2-4600-a7da-972debc94c87&id=AU1D-0100-001647506866-CLJE11L9-46GH
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Server: 44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Thu, 17 Mar 2022 20:47:46 GMT

Redirect headers

Date: Thu, 17 Mar 2022 08:47:46 GMT
Server: MT3 4256 109297d master cdg-pixel-x16 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=b4b96232-f5b2-4600-a7da-972debc94c87&id=AU1D-0100-001647506866-CLJE11L9-46GH
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
240 B 76ms
42ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001647506866-CLJE11L9-46GH
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 28
pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1647506866.398210,VS0,VE28
x-served-by: cache-mxp6952-MXP
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001647506866-CLJE11L9-46GH%26sas_uid%3D%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&sas_uid=[sas_uid]&cklb=1

0
75 B

35ms
35ms

Image
text/plain

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&sas_uid=[sas_uid]&cklb=1
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: HTTP/1.1
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&sas_uid=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 17 Mar 2022 08:47:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 104ms
34ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6275685-2&cid=961791858.1647506866&jid=1997657470&gjid=404668736&_gid=1104425434.1647506866&_u=KADAAEAAEAQCAC~&z=2017879598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Mar 2022 08:47:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 7A0F 6 KB
3 KB 38ms
38ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 02:25:02 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 22965
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
via: 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: c-HLF6E6rMSliRLCEwtNZfqDaxmXxVmlyNucMVeRl7dtcAbGGFyxdA==

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 9CF2
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=vQrFb6kifgIaNePxw0WC&pi=admatic&tc=1

0
407 B

727ms
326ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=vQrFb6kifgIaNePxw0WC&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 17 Mar 2022 08:47:46 GMT
Content-Length: 0
Etag: bd47938ff89d9836

Redirect headers

date: Thu, 17 Mar 2022 08:47:46 GMT Thu, 17 Mar 2022 08:47:46 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=vQrFb6kifgIaNePxw0WC&pi=admatic&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D4F4 15 KB
6 KB 30ms
27ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=100596
expires: Fri, 18 Mar 2022 12:44:22 GMT
date: Thu, 17 Mar 2022 08:47:46 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame BFAA 0
397 B 893ms
327ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 17 Mar 2022 08:47:46 GMT
Content-Length: 0
Etag: bd47938ff89d9836

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 205D 0
397 B 890ms
325ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 17 Mar 2022 08:47:46 GMT
Content-Length: 0
Etag: bd47938ff89d9836

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame 41BB 3 KB
2 KB 112ms
24ms Document
text/html 2600:9000:223f:3200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

content-type: text/html
last-modified: Fri, 11 Mar 2022 09:13:49 GMT
x-amz-version-id: R0FfDS0mLu4eWB6OFjO1gAqNYiEBI3ni
server: AmazonS3
content-encoding: br
date: Thu, 17 Mar 2022 07:13:53 GMT
cache-control: max-age=7200
etag: W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: k3r8KqSwcv-sNJ4LtKnbzczTdCEFfnrqSI0nIZ2QrXxtBJ0YE03mZQ==
age: 5634

GET
H2 200 cookie Show response
cm.adform.net/ Frame 30B6 43 B
106 B 132ms
45ms Document
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

server: nginx
date: Thu, 17 Mar 2022 08:47:46 GMT
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 216A 0
397 B 889ms
326ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 17 Mar 2022 08:47:46 GMT
Content-Length: 0
Etag: bd47938ff89d9836

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 3BF0 0
397 B 889ms
327ms Document
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 17 Mar 2022 08:47:46 GMT
Content-Length: 0
Etag: bd47938ff89d9836

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 89B8 0
397 B 908ms
332ms Image
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:46 GMT
Server: VertaMedia 1.0
Etag: bd47938ff89d9836
Content-Length: 0

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 89B8 43 B
331 B 949ms
57ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?redir=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:46 GMT
Server: VertaMedia 1.0
Etag: bd47938ff89d9836
Content-Length: 43
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B00D 0
42 B 113ms
30ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=7353565&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6232f5b15244b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:44 GMT
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 117ms
57ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6275685-2&cid=961791858.1647506866&jid=1997657470&_u=KADAAEAAEAQCAC~&z=1520782453

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 114ms
55ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6275685-2&cid=961791858.1647506866&jid=1997657470&_u=KADAAEAAEAQCAC~&z=1520782453

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2fpgLCJuUK6REBPmqrSgjVStP_4CUPpfRlazdZGq9_Jkm13J4xoTG-AiDb5U8gVQTtuFWCjNCPwNKovVg8sEYQ Show response
scarfsmash.com/ 209 B
341 B 35ms
34ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2fpgLCJuUK6REBPmqrSgjVStP_4CUPpfRlazdZGq9_Jkm13J4xoTG-AiDb5U8gVQTtuFWCjNCPwNKovVg8sEYQ

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

4c850510fe60af8ffa8eeadc1013120ac41c0baa9c2715db62ce224a02b64df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Thu, 17 Mar 2022 08:47:46 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-spot-n4tq
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 491834569
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H2

200

uu Show response
ih.adscale.de/ Frame 41BB
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1647506866
https://ih.adscale.de/uu?cbfn=receive&t=1647506866&nut&uu=e0652a3543db4eb3a9dc53d918e422ef

44 B
213 B

27ms
26ms

Script
text/javascript

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1647506866&nut&uu=e0652a3543db4eb3a9dc53d918e422ef
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4105b2b6ea419c15f3bbf85a24886c71aa6a4846e9997cde4e154b68a464f6fb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1647506866&nut&uu=e0652a3543db4eb3a9dc53d918e422ef
date: Thu, 17 Mar 2022 08:47:46 GMT
content-length: 0

POST
H2 200 v2cweizrMv7zYv8SFZI64UoIad1rCL0TJY_RWuVxdtGArgzc_TMWSyymZzSypoyKvfkuncXWVnQwsos-HxvG9CA Show response
scarfsmash.com/ 2 KB
776 B 220ms
220ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2cweizrMv7zYv8SFZI64UoIad1rCL0TJY_RWuVxdtGArgzc_TMWSyymZzSypoyKvfkuncXWVnQwsos-HxvG9CA

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

d655f4580ee2f1d719b8e8b1b85624eea242583a334f509da8210480cd89f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Thu, 17 Mar 2022 08:47:46 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-spot-n4tq
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 491834569
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 735

POST
H2 204 collect Show response
l.clarity.ms/ 0
74 B 337ms
337ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Thu, 17 Mar 2022 08:47:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame 41BB 11 KB
4 KB 26ms
25ms Script
application/javascript 2600:9000:223f:3200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: RL4a_5QzMOQeOvhHfhJwDPttS02CmyTc
content-encoding: br
last-modified: Fri, 11 Mar 2022 09:13:49 GMT
server: AmazonS3
age: 5634
etag: W/"988fbfb6c270a6080f89deb043243858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Thu, 17 Mar 2022 07:13:52 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: JRi2jvbZ7NgYglJ_e0pTAIR1UZbmJ46AD_l-EAUNp0RuJEYdrLRO-A==

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame 41BB 0
419 B 958ms
325ms Image
text/plain 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=e0652a3543db4eb3a9dc53d918e422ef
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:47 GMT
Server: VertaMedia 1.0
Etag: 316339920e236949
Content-Length: 0

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame 41BB 149 B
224 B 29ms
29ms Script
application/javascript 35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1647506866513&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 8F48 3 KB
3 KB 39ms
39ms Document
text/html 35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 51facdd58039c7ebe0cec5e2f486c8b5cd9d345a620b093f161450dda1d0dcb8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://js.adscale.de/

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2604

GET
H2 200 match.js Show response
js.adscale.de/ Frame 8F48 4 KB
2 KB 25ms
24ms Script
application/javascript 2600:9000:223f:3200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8e2a591915a8c4aa2d9b423239a39b60b2af59e8751c263290f8111bffffefa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: z0b94s5qdKh_IsbbhZtKdsoLRBL36zAG
content-encoding: br
last-modified: Fri, 11 Mar 2022 09:13:49 GMT
server: AmazonS3
age: 729
etag: W/"426e4e3212f60875c2e8a1e8c23d0a11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Thu, 17 Mar 2022 08:35:38 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 5EuA7b9VANM4tunGb69oTWJEgzIbEZSjO18CQLMiKIKQCozyHPBDLA==

GET
H2

200

img
ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/ Frame 8F48
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=e0652a3543db4eb3a9dc53d918e422ef&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=101&tpuid=BBID-01-03222208667253852-16552440

49 B
465 B

32ms
31ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=101&tpuid=BBID-01-03222208667253852-16552440
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 17 Mar 2022 08:47:46 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=101&tpuid=BBID-01-03222208667253852-16552440
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H2 200 ConsentManager,Sticky2 Show response
scarfsmash.com/v2ryniQNnZX68stXrKxdA4N-pR4x-I2kBOdZXDMf6nKJEuRzncwjf1BW1QousDztuutOgy54zWUKP5FTA6MI0/ 274 KB
80 KB 39ms
38ms Script
text/javascript 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2ryniQNnZX68stXrKxdA4N-pR4x-I2kBOdZXDMf6nKJEuRzncwjf1BW1QousDztuutOgy54zWUKP5FTA6MI0/ConsentManager,Sticky2

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

b9f062b1f34ccf6866fac8097bd8c8acccad74d45c5898bef8075b637ce1e3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "b43f261176d8b24c1e22a7ab9b2e777b43ef747898fddcb9d31e9156d2a9de23"
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-spot-n4tq
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
x-buildnumber: 491834569
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Thu, 17 Mar 2022 08:47:46 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
653 B 70ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 08:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Mar 2022 08:47:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Mar 2022 08:47:46 GMT

GET
H2 200 MTUsMjA3MGNhNTc5NGIw
images.getadmiral.com/ 763 B
1 KB 106ms
48ms Image
image/png 2606:4700:3034::6815:4466
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MTUsMjA3MGNhNTc5NGIw

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:46 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-buildnumber: 456232094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 763
server: cloudflare
x-datacenter: gce-europe-west1
etag: "2c607cb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BxjRdO2lh0itjwez7AwCJwWunEaC8KPlAQdpj6bhkc6hqbuFbgJxbYEdTS3gg2sKcMaO%2FJUoW21cJL3UODjeueSCQBZsemfQ6nexIyoOLdrJfJc30A92ZzUAsJABMeSW5%2BL5YqyXNLXhGk45f4LWd00v%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=300
x-hostname: button
cf-ray: 6ed4773e18fc7342-MRS

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 582ms
192ms Script
text/plain 35.164.131.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=a8e4261f1c76c51d8477c0cb2e4eae33&url=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&code=%27none%27
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.131.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-131-148.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 08:47:47 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 29ms
29ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Mar 2022 09:03:56 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Mar 2022 09:47:41 GMT

POST
H2 200 track Show response
a.ad.gt/api/v1/ 2 B
118 B 596ms
204ms XHR
text/html 35.84.228.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/track
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/269
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.228.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-228-30.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 17 Mar 2022 08:47:47 GMT
server: nginx/1.18.0
content-length: 2
content-type: text/html; charset=utf-8

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 72ms
32ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.androidpolice.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:06:53 GMT
x-content-type-options: nosniff
age: 52853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:06:53 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8F48
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=0782f34f6af69764b16e9f9b5...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YjL1sjgwjUjBtcCXOQsMrgAA%26684

49 B
558 B

34ms
34ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YjL1sjgwjUjBtcCXOQsMrgAA%26684
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YjL1sjgwjUjBtcCXOQsMrgAA%26684
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Thu, 17 Mar 2022 08:47:46 GMT

POST
H2 200 v2fpgLCJuUK6REBPmqrSgjVStP_4CUPpfRlazdZGq9_Jkm13J4xoTG-AiDb5U8gVQTtuFWCjNCPwNKovVg8sEYQ Show response
scarfsmash.com/ 254 B
292 B 47ms
47ms Fetch
application/json 35.186.249.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/v2fpgLCJuUK6REBPmqrSgjVStP_4CUPpfRlazdZGq9_Jkm13J4xoTG-AiDb5U8gVQTtuFWCjNCPwNKovVg8sEYQ

Requested by

Host: scarfsmash.com
URL: https://scarfsmash.com/v2yvlzsveWtgqGFXj2wU3ajphon_Qq9myt1bClE9dnFgPWVzuw4LojxURFEzFAfp8GOJdYROXlGZLTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

84.249.186.35.bc.googleusercontent.com

Software

Resource Hash

e5c3147873616bc411d7270cb0ee533995b6b74e272c7cac516e200658df4e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
access-control-allow-methods: POST, OPTIONS
x-datacenter: gce-europe-west1
date: Thu, 17 Mar 2022 08:47:46 GMT
vary: Accept-Encoding, Origin
x-hostname: fen-hoothoot-europe-west1-spot-n4tq
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-buildnumber: 491834569
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 254
expires: Thu, 17 Mar 2022 08:47:45 GMT

GET
H3 200 cm
u.openx.net/w/1.0/ 43 B
75 B 53ms
35ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3DAU1D-0100-001647506866-CLJE11L9-46GH
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
653 B 189ms
189ms Image
image/gif 44.240.184.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001647506866-CLJE11L9-46GH&halo_id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
content-type: image/gif
expires: Thu, 17 Mar 2022 20:47:47 GMT

GET
H2

200

img
ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/ Frame 8F48
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=ccce431a9b28b02f2db0ff5d45493d442a397c05ea60ca765f2a31625c68f8b8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=ccce431a9b28b02f2db0ff5d45493d442a397c05ea60ca765f2a31625c68f8b8&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e678...
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=42&gdpr=0&tpuid=1642686369460561511

49 B
567 B

44ms
44ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=42&gdpr=0&tpuid=1642686369460561511
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
server: nginx
location: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=42&gdpr=0&tpuid=1642686369460561511
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8F48
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=737a51fc-1064-4504-8af5-616a66198148&gdpr=0

49 B
589 B

38ms
38ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=737a51fc-1064-4504-8af5-616a66198148&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:46 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=737a51fc-1064-4504-8af5-616a66198148&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1625384
content-length: 0
expires: Thu, 17 Mar 2022 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 8F48
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=a342c30599f05f148185fe3e...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b4b96232-f5b2-4600-a7da-972debc94c87&gdpr=0&gdpr_consent=

49 B
611 B

46ms
46ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b4b96232-f5b2-4600-a7da-972debc94c87&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 17 Mar 2022 08:47:47 GMT
Server: MT3 4256 109297d master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=b4b96232-f5b2-4600-a7da-972debc94c87&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Mar 2022 08:47:46 GMT

POST
H2 200 visit Show response
app.convertkit.com/forms/1275831/ 7 B
632 B 195ms
194ms Fetch
application/json 2606:4700::6812:c039
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertkit.com/forms/1275831/visit

Requested by

Host: f.convertkit.com
URL: https://f.convertkit.com/ckjs/ck.5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c039 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 7ebb2eb6-2952-4808-81c7-400866930797
x-runtime: 0.011210
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"aee408847d35e44e99430f0979c3357b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
cf-ray: 6ed47742e8fa59c5-MXP

OPTIONS
H2 200 visit
app.convertkit.com/forms/1275831/ Frame 0
0 287ms
227ms Preflight 2606:4700::6812:c039
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertkit.com/forms/1275831/visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.androidpolice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
cf-ray: 6ed477417d2b59c5-MXP
access-control-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers
access-control-max-age: 7200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5C24 281 B
554 B 83ms
24ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Mar 2022 08:47:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 43A0 15 KB
6 KB 30ms
30ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=100595
expires: Fri, 18 Mar 2022 12:44:22 GMT
date: Thu, 17 Mar 2022 08:47:47 GMT
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame F2E8 1 KB
1 KB 322ms
322ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_10.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: f2a9a5475c2569f17731c36c9f41d90b018af957f5de9caeefe7382cd022186d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
content-type: text/html; charset=utf-8
content-length: 461
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/ Frame 7A0F
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBlYjhiOGNjYy1hNWNlLTExZWMtYjIyMy0wMmIwMjdjYzE5N2E%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFD92vKxU1gEaSIE0h2atZ4&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFD92vKxU1gEaSIE0h2atZ4&google_cver=1&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a

0
18 B

27ms
27ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFD92vKxU1gEaSIE0h2atZ4&google_cver=1&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFD92vKxU1gEaSIE0h2atZ4&google_cver=1&apid=UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a
date: Thu, 17 Mar 2022 08:47:47 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55986/ Frame 7A0F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YjL1swANrF99FwAy&_origin=0&gdpr=1&gdpr_consent=&_test=YjL1swANrF99FwAy

0
124 B

27ms
26ms

Image
text/plain

18.193.50.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55986/sync?uid=YjL1swANrF99FwAy&_origin=0&gdpr=1&gdpr_consent=&_test=YjL1swANrF99FwAy

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Server

18.193.50.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-50-241.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1647506868.626873,VS0,VE0
x-served-by: cache-mxp6973-MXP
x-cache: HIT
location: https://pixel.advertising.com/ups/55986/sync?uid=YjL1swANrF99FwAy&_origin=0&gdpr=1&gdpr_consent=&_test=YjL1swANrF99FwAy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/ Frame 7A0F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&_origin=1&gdpr=1&gdpr_consent=

0
15 B

101ms
28ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=0bb52f32-5fc5-4480-8e06-57d1cdb10a2c&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2

200

img
ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/ Frame 8F48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=67292e9395a6b8c27d0005b1727ac8259b2cc3e3774a6ef05226a119418d28f7&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F865...
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?uid=67292e9395a6b8c27d0005b1727ac8259b2cc3e3774a6ef05226a119418d28f7&tpid=38&gdpr=0&tpuid=CAESEE1eT-vePUjcrSmOz3Zy1wc...

49 B
629 B

47ms
47ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?uid=67292e9395a6b8c27d0005b1727ac8259b2cc3e3774a6ef05226a119418d28f7&tpid=38&gdpr=0&tpuid=CAESEE1eT-vePUjcrSmOz3Zy1wc&google_cver=1
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?uid=67292e9395a6b8c27d0005b1727ac8259b2cc3e3774a6ef05226a119418d28f7&tpid=38&gdpr=0&tpuid=CAESEE1eT-vePUjcrSmOz3Zy1wc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 424
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 114ms
114ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Thu, 17 Mar 2022 08:47:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5C24 32 KB
10 KB 25ms
25ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 585270e94e864c25e5c174b8bd0ecf45dbca4408d851fecd14260431b79cc43d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68896
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Fri, 18 Mar 2022 03:56:03 GMT

GET
H2

200

img
ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/ Frame 8F48
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e6783d11b0189304119%2F1647506866568%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=75&tpuid=8326691223526624621&gdpr=0

49 B
638 B

34ms
34ms

Image
image/gif

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=75&tpuid=8326691223526624621&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:47 GMT
X-Proxy-Origin: 192.145.127.213; 192.145.127.213; 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fa59b8d9-3ac9-4ace-9f56-0ad717d71dcb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/img?tpid=75&tpuid=8326691223526624621&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5C24 284 B
536 B 103ms
27ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/jpg

GET
H2

200

js Show response
ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/ Frame 8F48
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=b738af9c5f9d0d5e35488100fc2a254836b5e091fe58bb83e4e327bba105760c&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=b738af9c5f9d0d5e35488100fc2a254836b5e091fe58bb83e4e327bba105760c&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F8656499ec7ba4e...
https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/js?tpid=48&tpuid=d26a5ee3b035cbbaf1908f05baa01ee4

44 B
582 B

35ms
35ms

Script
text/javascript

35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/js?tpid=48&tpuid=d26a5ee3b035cbbaf1908f05baa01ee4
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e32230dcf650d8a14b16d6ae6b47e8c87cdf58864f4da4a34c12ca9d150f48f1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Date: Thu, 17 Mar 2022 08:47:47 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ih.adscale.de/sium/8656499ec7ba4e6783d11b0189304119/1647506866568/0/js?tpid=48&tpuid=d26a5ee3b035cbbaf1908f05baa01ee4
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 147

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F2E8 70 B
264 B 50ms
50ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D

170 B
188 B

40ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D
date: Thu, 17 Mar 2022 08:47:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F2E8 170 B
188 B 43ms
42ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F2E8
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM2MjI3NDY0MDQ0NTgwNDM3MzE0Mw%3D%3D
date: Thu, 17 Mar 2022 08:47:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame F2E8 0
705 B 225ms
176ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3362274640445804373143&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:47 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8214FFC0CE964E95A8FEF164167F282B Ref B: ZRHEDGE0815 Ref C: 2022-03-17T08:47:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXaZhWggE4fKtXHye19Ng==

GET
H2

200

xuid
eb2.3lift.com/ Frame F2E8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3362274640445804373143?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bpiGHMBE2oSC_egG3bH6KTh8C2aeEh0UrD_LfbboLA--~A&dongle=0883

37 B
355 B

323ms
323ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-bpiGHMBE2oSC_egG3bH6KTh8C2aeEh0UrD_LfbboLA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 17 Mar 2022 08:47:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-bpiGHMBE2oSC_egG3bH6KTh8C2aeEh0UrD_LfbboLA--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F2E8 43 B
220 B 27ms
25ms Image
image/gif 18.197.240.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=3362274640445804373143&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.240.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-240-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame F2E8 42 B
594 B 99ms
50ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3362274640445804373143&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:47 GMT
etag: "7c5ed6a6f22cd81:0"
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A5E8C5B170C4786AE77F128B8BA0F7C Ref B: ZRHEDGE0815 Ref C: 2022-03-17T08:47:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame F2E8
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3362274640445804373143
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3362274640445804373143&dcc=t

0
0

116ms
115ms

Image
text/html

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3362274640445804373143&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: HTTP/1.1
Server: 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:48 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 61EGKNNYP97M7F17629K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3362274640445804373143&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame F2E8
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

322ms
321ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=true&
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 17 Mar 2022 08:47:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

POST
H2 200 sium
ih.adscale.de/ Frame 8F48 0
0 31ms
31ms Fetch
application/json 35.157.167.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Thu, 17 Mar 2022 08:47:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 3 KB
3 KB 117ms
40ms XHR
application/vnd.apple.mpegurl 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 6d4cb252ade03cb7b1c2e99317eba4e0ed4c74db943c5b937127cca6251dcaec

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 7d12bef71f48487e9202b581d949876e.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 2819
last-modified: Mon, 06 Sep 2021 08:19:33 GMT
server: Tengine
etag: "8a4ba7f0078b494628f187d2277003b0"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: oJiYfQlWJL6utUiOCPOjK79W2jbvkk1Vm1kjhxhfd51gGsg5eUPx2A==
expires: Thu, 31 Mar 2022 08:47:48 GMT

GET
H2 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 320 KB
320 KB 75ms
75ms XHR
video/mp2t 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 4b3c99edd2f296f5eb89ead2bde4f268390bafb61109d86cb49a70b517c0f006

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 0e47e65a81d7993af7f63688479ecb90.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 327308
last-modified: Mon, 06 Sep 2021 08:19:34 GMT
server: Tengine
etag: "1aeadb8332ec1abda14b8f55e1978e28"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: qWYUWA_CLRMBA2oSvcN5f0_8kZKa-UTiz_gIhct8tA2kA5BjPq2z7Q==
expires: Thu, 31 Mar 2022 08:47:48 GMT

GET
BLOB 200
OK afd976fb-c415-41e4-bd14-a5a54f07bd2c
https://www.androidpolice.com/ 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.androidpolice.com/afd976fb-c415-41e4-bd14-a5a54f07bd2c
Requested by: Host: www.androidpolice.com
URL: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 66258
Content-Type: text/javascript

GET
H2 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 234 KB
235 KB 43ms
43ms XHR
video/mp2t 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 364f1fe1e13f212722786490c2f53c9fd8ac40fb69be8ae492ab22c6abd04e1a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 239512
last-modified: Mon, 06 Sep 2021 08:19:34 GMT
server: Tengine
etag: "a8de1a79716483d130ecd1fb2bd2254b"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: eCn1-_hUWPohWOx21ww3_wpG7_AXufqO2eC4C1TgY1nzexdgd0qZIg==
expires: Thu, 31 Mar 2022 08:47:48 GMT

GET
H2 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 269 KB
269 KB 41ms
40ms XHR
video/mp2t 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 11b067ee141811f95416601d0b217297870d65fbc619e782bb1512d094dd8174

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 e56228855f326dc3f2b1babb353bf66e.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 275232
last-modified: Mon, 06 Sep 2021 08:19:34 GMT
server: Tengine
etag: "d460578144d72256e62b78e1df5c75f6"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: nOgK-eeltv0PIiySAVmoTxqgllDobH5R6_hoRQZNdVxwnx9C9MNnKw==
expires: Thu, 31 Mar 2022 08:47:48 GMT

GET
H2 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 283 KB
284 KB 40ms
40ms XHR
video/mp2t 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: c687b416d79e0f94fa2d8336b573213ac64988ed6f73fd0a0e0a02f2faf4d6d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 290084
last-modified: Mon, 06 Sep 2021 08:19:34 GMT
server: Tengine
etag: "8da5bae37452bfc392ba7297a4889fd5"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: dUYVgwTFNWtZ7i4TPxMmk-2HJSVrGBK6hHT-GyBUGLhw6niqd3JEHA==
expires: Thu, 31 Mar 2022 08:47:48 GMT

GET
H2 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 359 KB
360 KB 41ms
41ms XHR
video/mp2t 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: fcd046a74c4fe3cfae415d96d0b9be6cbbce4ea15dcafa15a7527c20c606ff96

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 4d2109dc7bb96c2f47ec0ce40f98fe16.cloudfront.net (CloudFront)
x-amz-cf-pop: BRU50-C1
content-length: 368104
last-modified: Mon, 06 Sep 2021 08:19:34 GMT
server: Tengine
etag: "91de407a883f7f42365f86c830b13644"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: ekGIZ1vwCuec0iMIe3OlcsUjzVBUUwUtXUE1hDR3DnZQydle821KYA==
expires: Thu, 31 Mar 2022 08:47:48 GMT

OPTIONS
H/1.1 200
OK /
api.narrativ.com/api/v0/publishers/2412/pub_info/ Frame 0
0 456ms
109ms Preflight
text/html 54.90.140.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/pub_info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.90.140.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-140-145.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-credentials,x-requested-with
Origin: https://www.androidpolice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: access-control-allow-credentials, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://www.androidpolice.com
Access-Control-Max-Age: 86400
Allow: HEAD, GET, OPTIONS
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Mar 2022 08:47:49 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Origin
X-Robots-Tag: noindex, follow
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK / Show response
api.narrativ.com/api/v0/publishers/2412/pub_info/ 427 B
760 B 109ms
109ms XHR
application/json 54.90.140.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/pub_info/

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.90.140.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-140-145.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

a5d143a9bde71ac34091e2d1b2395a653a14ff1e96e8c70b16a4563a949d63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 17 Mar 2022 08:47:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx/1.20.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.androidpolice.com
Connection: keep-alive
X-Robots-Tag: noindex, follow
Content-Length: 427

GET
H2 200 pixel.png Show response
www.androidpolice.com/ 103 B
441 B 130ms
130ms XHR
image/png 44.196.161.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.androidpolice.com/pixel.png?params=---{%22group%22:%22browseclip_imp%22,%22device%22:%22desktop%22,%22ids%22:[{%22id%22:%221002763%22,%22position%22:%22sidebar-pinned-listing-page-article-1%22},{%22id%22:%221002773%22,%22position%22:%22sidebar-pinned-listing-page-article-2%22},{%22id%22:%221002776%22,%22position%22:%22sidebar-pinned-listing-page-article-3%22},{%22id%22:%221002772%22,%22position%22:%22sidebar-pinned-listing-page-article-4%22},{%22id%22:%221002771%22,%22position%22:%22sidebar-pinned-listing-page-article-5%22},{%22id%22:%221002767%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002498%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002364%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002699%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002593%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002613%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002579%22,%22position%22:%22sidebar-pinned-listing-page-article-6+%22},{%22id%22:%221002773%22,%22position%22:%22sentinel-article-sidebarSticky-1%22},{%22id%22:%221002779%22,%22position%22:%22sentinel-article-sidebarSticky-2%22},{%22id%22:%221002365%22,%22position%22:%22sentinel-article-sidebarSticky-3%22},{%22id%22:%221002286%22,%22position%22:%22sentinel-article-relatedContent-1%22},{%22id%22:%221002632%22,%22position%22:%22sentinel-article-relatedContent-2%22},{%22id%22:%221002528%22,%22position%22:%22sentinel-article-relatedContent-3%22},{%22id%22:%221002767%22,%22position%22:%22sentinel-article-relatedContent-4%22},{%22id%22:%221002479%22,%22position%22:%22sentinel-article-relatedContent-5%22},{%22id%22:%221002509%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221002738%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221002093%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221002386%22,%22position%22:%22sentinel-article-relatedContent-6+%22},{%22id%22:%221002735%22,%22position%22:%22sentinel-article-nextArticle%22}],%22eventType%22:%22impression%22}---&rdm=0.26691568683037126

Requested by

Host: www.androidpolice.com
URL: https://www.androidpolice.com/public/build/valnet-footer.f1a74aa8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.196.161.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-196-161-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Oct 2019 21:53:00 GMT
server: nginx
etag: "5db21d3c-67"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 103
x-content-type-options: nosniff

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E005B7DCD8E04FD694BF50EA97F106DA&RedC=c.clarity.ms&MXFR=25A81CA3A5A66EFA2FE80DC9A1A660EC
https://c.clarity.ms/c.gif?CtsSyncId=E005B7DCD8E04FD694BF50EA97F106DA&MUID=075C0917B2F66CAA2626187DB3076DE0

42 B
368 B

51ms
51ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E005B7DCD8E04FD694BF50EA97F106DA&MUID=075C0917B2F66CAA2626187DB3076DE0
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:48 GMT
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c5ed6a6f22cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4CD0C9E7CF7F4EF8AF41D73ADBB5D27B Ref B: ZRHEDGE0815 Ref C: 2022-03-17T08:47:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E005B7DCD8E04FD694BF50EA97F106DA&MUID=075C0917B2F66CAA2626187DB3076DE0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/ 300 KB
301 KB 42ms
41ms XHR
video/mp2t 63.250.56.79
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn7/video/users/hls/30875/video_6135c3ae46289537299997/vid6135cdd0aa82d176253818.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.250.56.79 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 71170d9481a4a3939a7a95f3b7873db755aca3f2596bbeb69f2cddadeb6d8976

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 307380
last-modified: Mon, 06 Sep 2021 08:19:34 GMT
server: Tengine
etag: "cef5408f218a2d3195d0ef147c489bcf"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: EcJgbe7sNIWv4qD2H0iaW1tnHzMmFnXMX1yA6MQX_Qzte84SA_MRwg==
expires: Thu, 31 Mar 2022 08:47:48 GMT

GET
H2 200 session.html Show response
events.release.narrativ.com/api/v0/ Frame EC2B 713 B
1 KB 354ms
119ms Document
text/html 34.232.242.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/session.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.242.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-242-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

128494e8b86ba09377303752f1e0a3a82e6ecc2985c666711aec4f2a3a18fd67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/

Response headers

date: Thu, 17 Mar 2022 08:47:49 GMT
content-type: text/html; charset=utf-8
content-length: 713
server: nginx/1.20.2
x-bam-env: release
x-bam-build-version: 5091648b0ddf33082c197934e0d710c5b6b67319
cache-control: private, max-age=7776000, must-revalidate, proxy-revalidate
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D4F4 0
39 B 30ms
30ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83715599&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:48 GMT
content-length: 0

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 111ms
111ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: l.clarity.ms
URL: https://l.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.androidpolice.com
date: Thu, 17 Mar 2022 08:47:49 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

OPTIONS
H2 200 /
events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/ Frame 0
0 343ms
116ms Preflight
text/html 34.232.242.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/?uid_bam=1768997031051546225

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.242.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-242-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-credentials,content-type,x-requested-with
Origin: https://www.androidpolice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 17 Mar 2022 08:47:49 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.2
x-bam-env: release
x-bam-build-version: 5091648b0ddf33082c197934e0d710c5b6b67319
allow: POST, OPTIONS
access-control-allow-origin: https://www.androidpolice.com
access-control-allow-headers: access-control-allow-credentials, content-type, x-requested-with
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none

GET
H2 304 session.gif
events.release.narrativ.com/api/v0/ 0
396 B 116ms
116ms Image 34.232.242.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1768997031051546225&cache_buster=1647506869562

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.242.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-242-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
x-bam-build-version: 5091648b0ddf33082c197934e0d710c5b6b67319
date: Thu, 17 Mar 2022 08:47:49 GMT
server: nginx/1.20.2
x-robots-tag: none
x-bam-env: release
strict-transport-security: max-age=63072000; includeSubDomains; preload

POST
H2 201 / Show response
events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/ 2 B
468 B 120ms
120ms XHR
application/json 34.232.242.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.release.narrativ.com/api/v0/publishers/2412/impressions/page_impression/?uid_bam=1768997031051546225

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.242.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-242-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-bam-build-version: 5091648b0ddf33082c197934e0d710c5b6b67319
date: Thu, 17 Mar 2022 08:47:49 GMT
server: nginx/1.20.2
x-bam-env: release
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.androidpolice.com
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: none
content-length: 2

POST
H/1.1 200
OK / Show response
api.narrativ.com/api/v0/publishers/2412/smart_links/ 190 B
523 B 223ms
120ms XHR
application/json 54.90.140.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/smart_links/

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.90.140.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-140-145.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

d573bffd9d2fca02b2bfe4ac0323d67b37dc16b08bf103b804311691a942e09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 17 Mar 2022 08:47:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx/1.20.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.androidpolice.com
Connection: keep-alive
X-Robots-Tag: noindex, follow
Content-Length: 190

POST
H/1.1 200
OK / Show response
api.narrativ.com/api/v0/publishers/2412/smart_links/ 190 B
523 B 121ms
120ms XHR
application/json 54.90.140.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/smart_links/

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/narrativ-pub.1.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.90.140.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-140-145.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

d573bffd9d2fca02b2bfe4ac0323d67b37dc16b08bf103b804311691a942e09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: application/json
Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Access-Control-Allow-Credentials: true
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 17 Mar 2022 08:47:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx/1.20.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.androidpolice.com
Connection: keep-alive
X-Robots-Tag: noindex, follow
Content-Length: 190

OPTIONS
H/1.1 200
OK /
api.narrativ.com/api/v0/publishers/2412/smart_links/ Frame 0
0 110ms
110ms Preflight
text/html 54.90.140.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/smart_links/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.90.140.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-140-145.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-credentials,content-type,x-requested-with
Origin: https://www.androidpolice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: access-control-allow-credentials, content-type, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://www.androidpolice.com
Access-Control-Max-Age: 86400
Allow: POST, OPTIONS
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Mar 2022 08:47:49 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Origin
X-Robots-Tag: noindex, follow
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK /
api.narrativ.com/api/v0/publishers/2412/smart_links/ Frame 0
0 220ms
109ms Preflight
text/html 54.90.140.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.narrativ.com/api/v0/publishers/2412/smart_links/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.90.140.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-90-140-145.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-credentials,content-type,x-requested-with
Origin: https://www.androidpolice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: access-control-allow-credentials, content-type, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://www.androidpolice.com
Access-Control-Max-Age: 86400
Allow: OPTIONS, POST
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Mar 2022 08:47:49 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Origin
X-Robots-Tag: noindex, follow
Content-Length: 0
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 43A0 0
39 B 31ms
30ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32873830&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 08:47:49 GMT
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 36ms
36ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6Y5Q4PR4RC&gtm=2oe3e0&_p=1485460906&sr=1600x1200&ul=en-us&cid=961791858.1647506866&dl=https%3A%2F%2Fwww.androidpolice.com%2F2021%2F03%2F29%2Fwhite-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods%2F&dt=US%20carriers%20close%20security%20loophole%20that%20allowed%20easy%20SMS%20hijack&sid=1647506865&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Y5Q4PR4RC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.androidpolice.com/2021/03/29/white-hat-hacker-investigation-casts-even-more-doubt-on-sms-based-2fa-methods/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 08:47:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.androidpolice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 03:48:02	Name: sync Value: CgoIoQEQoYu_uPkvCgoIgQIQoYu_uPkvCgoI4gEQoYu_uPkvCgoI5gEQoYu_uPkvCgoIhwIQoYu_uPkvCgkICRChi7-4-S8KCQg6EKGLv7j5LwoJCAsQoYu_uPkvCgoIjAIQoYu_uPkvCgkIXxChi7-4-S8=
www.androidpolice.com/	1969-12-31 23:59:59	Name: viewType Value: direct
.convertkit.com/	1970-01-20 01:38:28	Name: __cf_bm Value: k_3W9skKYQn7GkK1Z62SMQo4e8LsXwOMnf3i6DboFPQ-1647506865-0-AQmG5daBRZdRnol6HxLhfu9dOSake4jwRWs5jRu8nHTJhfyXNP6IxRGBBsVTpYxzK1HGqbO0Mgn0m5EoKoAFHmLDP9KwdK2vCFLodgmsutrg
www.clarity.ms/	1970-01-20 10:24:02	Name: CLID Value: 06ac4b65d8fd4cf192f146f03944039a.20220317.20230317
.ad.gt/	1970-01-20 01:39:53	Name: au_idmatch Value: {"apn": "2022-03-17", "ttd": "2022-03-17", "pub": "2022-03-17", "adx": "2022-03-17", "halo": "2022-03-17", "goo": "2022-03-17", "mediamath": "2022-03-17", "taboola": "2022-03-17", "smart": "2022-03-17"}
.androidpolice.com/	1970-01-20 19:09:38	Name: _ga_6Y5Q4PR4RC Value: GS1.1.1647506865.1.0.1647506865.0
.androidpolice.com/	1970-01-20 01:38:30	Name: AMP_TOKEN Value: %24NOT_FOUND
.androidpolice.com/	1970-01-20 19:09:38	Name: _ga Value: GA1.2.961791858.1647506866
.androidpolice.com/	1970-01-20 01:39:53	Name: _gid Value: GA1.2.1104425434.1647506866
.androidpolice.com/	1970-01-20 01:38:26	Name: _gat Value: 1
.adnxs.com/	1970-01-20 03:48:02	Name: uuid2 Value: 8326691223526624621
.casalemedia.com/	1970-01-20 10:24:02	Name: CMID Value: YjL1sjgwjUjBtcCXOQsMrgAA
.casalemedia.com/	1970-01-20 03:48:02	Name: CMPS Value: 235
.androidpolice.com/	1970-01-20 10:24:02	Name: _au_1d Value: AU1D-0100-001647506866-CLJE11L9-46GH
.casalemedia.com/	1970-01-20 03:48:02	Name: CMPRO Value: 684
.casalemedia.com/	1970-01-20 01:39:53	Name: CMST Value: YjL1smIy9bIA
.adsrvr.org/	1970-01-20 10:24:02	Name: TDID Value: 0bb52f32-5fc5-4480-8e06-57d1cdb10a2c
.creativecdn.com/	1970-01-20 10:24:02	Name: u Value: vQrFb6kifgIaNePxw0WC
.creativecdn.com/	1970-01-20 10:24:02	Name: ts Value: 1647506866
.androidpolice.com/	1970-01-21 03:55:14	Name: _awl Value: 2.1647506866.0.5-484a1ccb3f24696a76c35ba9cf7bb057-6763652d6575726f70652d7765737431-0
.pubmatic.com/	1970-01-20 03:48:02	Name: KADUSERCOOKIE Value: E1BA56A0-91C0-4960-B860-893E471C5FA3
.androidpolice.com/	1970-01-20 10:24:02	Name: _clck Value: xfvtlr\|1\|ezu\|0
.spotxchange.com/	1970-01-20 10:24:02	Name: audience Value: eacfb9a8-a5ce-11ec-ae92-1e8b65530006
.doubleclick.net/	1970-01-20 11:00:02	Name: IDE Value: AHWqTUnKbuC0pDv8o0wdUJo5FQk19V52atH0XZdANz6-JQqq12YrTN1dui1tsfpfeaw
.adscale.de/	1970-01-20 10:20:42	Name: uu Value: e0652a3543db4eb3a9dc53d918e422ef
.mathtag.com/	1970-01-20 11:04:22	Name: uuid Value: b4b96232-f5b2-4600-a7da-972debc94c87
.ibillboard.com/	1970-01-20 10:24:02	Name: ibbid Value: BBID-01-03222208667253852-16552440
.ad.gt/	1970-01-20 19:09:38	Name: last_seentd Value: 1647506866705
.ad.gt/	1970-01-20 19:09:38	Name: au_id Value: AU1D-0100-001647506866-CLJE11L9-46GH
.ad.gt/	1970-01-20 19:09:38	Name: tdid Value: 0bb52f32-5fc5-4480-8e06-57d1cdb10a2c
.ad.gt/	1970-01-20 19:09:38	Name: first_seentd Value: 1647506866705
.ad.gt/	1970-01-20 19:09:38	Name: last_seeng_hosted Value: 1647506866705
.ad.gt/	1970-01-20 19:09:38	Name: g_hosted Value:
.ad.gt/	1970-01-20 19:09:38	Name: last_seenmediamath Value: 1647506866705
.ad.gt/	1970-01-20 19:09:38	Name: user_id Value: b4b96232-f5b2-4600-a7da-972debc94c87
.ad.gt/	1970-01-20 19:09:38	Name: last_seenpbm Value: 1647506866706
.ad.gt/	1970-01-20 19:09:38	Name: pbm Value: E1BA56A0-91C0-4960-B860-893E471C5FA3
.ad.gt/	1970-01-20 19:09:38	Name: first_seenpbm Value: 1647506866706
.ad.gt/	1970-01-20 19:09:38	Name: last_seenadx Value: 1647506866706
.ad.gt/	1970-01-20 19:09:38	Name: google_gid Value: CAESELD7zbP07vuLFbVBPauFBhA
.ad.gt/	1970-01-20 19:09:38	Name: first_seenadx Value: 1647506866706
.androidpolice.com/	1970-01-20 01:39:53	Name: _clsk Value: ji52dw\|1647506866827\|1\|1\|l.clarity.ms/collect
.3lift.com/	1970-01-20 03:48:02	Name: tluid Value: 3362274640445804373143
.ad.gt/	1970-01-20 19:09:38	Name: last_seenadnxs Value: 1647506866709
.ad.gt/	1970-01-20 19:09:38	Name: adnxs_id Value: 8326691223526624621
.ad.gt/	1970-01-20 19:09:38	Name: first_seenadnxs Value: 1647506866709
.androidpolice.com/	1970-01-21 03:55:14	Name: _admrla Value: 2.0-484a1ccb-3f24-696a-76c3-5ba9cf7bb057
.adform.net/	1970-01-20 02:23:05	Name: C Value: 1
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a550070 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a502624 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a307080 Value: vQrFb6kifgIaNePxw0WC
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a544989 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a550214 Value: ${USER_ID}
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a306708 Value: ${USER_ID}
.adform.net/	1970-01-20 03:04:50	Name: uid Value: 1642686369460561511
.ad.gt/	1970-01-20 19:09:38	Name: last_seenhaloid Value: 1647506867085
.ad.gt/	1970-01-20 19:09:38	Name: halo_id Value: 0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 19:09:38	Name: first_seenhaloid Value: 1647506867085
.criteo.com/	1970-01-20 11:00:02	Name: uid Value: 737a51fc-1064-4504-8af5-616a66198148
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: vmuid Value: 316339920e236949
.console.adtarget.com.tr/	1970-01-20 03:07:43	Name: a307565 Value: e0652a3543db4eb3a9dc53d918e422ef
.adsrvr.org/	1970-01-20 10:24:02	Name: TDCPM Value: CAEYASABKAIyCwjy5_-ssf_DOhAFOAFaBmFkYXB0dmAC
.advertising.com/	1970-01-20 10:25:29	Name: APID Value: UPeb8b8ccc-a5ce-11ec-b223-02b027cc197a
.yahoo.com/	1970-01-20 10:24:24	Name: A3 Value: d=AQABBLP1MmICENX1hWAcNVUROd-evUUcmn8FEgEBAQFHNGI8YgAAAAAA_eMAAA&S=AQAAArQc0FB873fSIMSaAOYBDWM
.everesttech.net/	1970-01-20 10:24:02	Name: everest_g_v2 Value: g_surferid~YjL1swANrF99FwAy
.analytics.yahoo.com/	1970-01-20 10:24:02	Name: IDSYNC Value: 187s~23sw
.adscale.de/	1970-01-20 10:20:42	Name: cct Value: 1647506867655
.m6r.eu/	1970-01-20 01:38:30	Name: test Value: true
.bing.com/	1970-01-20 11:00:02	Name: MUID Value: 075C0917B2F66CAA2626187DB3076DE0
.m6r.eu/	1970-01-20 03:48:02	Name: cct Value: 1647506867911
.m6r.eu/	1970-01-20 03:48:02	Name: id Value: d26a5ee3b035cbbaf1908f05baa01ee4
.ih.adscale.de/	1970-01-20 10:20:42	Name: tu Value: 4#457147144#48~d26a5ee3b035cbbaf1908f05baa01ee4~457640~0~0#101~BBID-01-03222208667253852-16552440~457640~0~0#38~CAESEE1eT-vePUjcrSmOz3Zy1wc~457640~0~0#39~b4b96232-f5b2-4600-a7da-972debc94c87~457640~0~0#40~737a51fc-1064-4504-8af5-616a66198148~457640~0~0#42~1642686369460561511~457640~0~0#75~8326691223526624621~457640~0~0#63~YjL1sjgwjUjBtcCXOQsMrgAA&684~457640~0~0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:10:20	Name: bcookie Value: "v=2&d2c61ea9-b36f-4688-8d01-ac7a8a594e61"
.linkedin.com/	1970-01-20 18:58:57	Name: li_gc Value: MTswOzE2NDc1MDY4Njc7MjswMjHBdyM1cSum4TC7MCLlFELB+t1b3owa8Qcw0QVMchLNkw==
.linkedin.com/	1970-01-20 01:39:53	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2676:u=1:x=1:i=1647506867:t=1647593267:v=2:sig=AQHcY8oIEyYOLT4JjZGfC5jsZKmt7DOc"
.c.bing.com/	1970-01-20 11:00:02	Name: SRM_B Value: 075C0917B2F66CAA2626187DB3076DE0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:00:02	Name: MUID Value: 075C0917B2F66CAA2626187DB3076DE0
.c.clarity.ms/	1970-01-20 01:38:27	Name: ANONCHK Value: 0
.narrativ.com/	1970-01-20 14:49:00	Name: uid_bam Value: 1768997031051546225
.ads.pubmatic.com/	1970-01-20 01:39:53	Name: KCCH Value: YES

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ads.adaptv.advertising.com
ads.pubmatic.com
adscale-emea.adnxs.com
ampcid.google.com
ampcid.google.it
androidpolice.disqus.com
api.narrativ.com
app.convertkit.com
aufp.io
b1sync.zemanta.com
bbnaut.ibillboard.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cm.adform.net
cm.g.doubleclick.net
creativecdn.com
csync.loopme.me
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
events.release.narrativ.com
f.convertkit.com
flip.it
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ids.ad.gt
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
images.getadmiral.com
js.adscale.de
l.clarity.ms
live.primis.tech
match.adsrvr.org
p.ad.gt
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pixels.ad.gt
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
scarfsmash.com
search.spotxchange.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.narrativ.com
static1.anpoimages.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.console.adtarget.com.tr
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
video.primis.tech
www.androidpolice.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.219.144
104.117.200.100
13.248.245.213
142.250.181.226
142.250.184.226
15.197.193.217
151.101.130.49
178.250.0.163
18.156.0.31
18.193.50.241
18.197.240.17
18.64.115.87
18.66.139.100
184.30.20.198
184.30.20.241
185.184.8.65
185.29.134.244
185.64.189.112
185.64.190.80
185.86.139.89
185.94.180.123
185.94.180.125
198.47.127.19
199.232.196.134
20.120.65.166
209.54.176.128
23.88.75.188
2600:9000:223f:3200:f:4f64:8940:93a1
2600:9000:223f:9a00:8:48e:53c0:93a1
2600:9000:2251:e400:1a:5235:f980:93a1
2606:4700:10::6816:4485
2606:4700:3034::6815:4466
2606:4700::6810:7daf
2606:4700::6812:ba39
2606:4700::6812:c039
2620:1ec:21::14
2620:1ec:27::cafe:2250
2620:1ec:c11::200
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9b
2a04:4e42:400::300
2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.122.136.79
3.122.66.224
3.65.41.107
34.232.242.140
35.157.167.171
35.157.246.167
35.164.131.148
35.186.249.84
35.244.159.8
35.84.228.30
37.157.4.24
37.252.173.213
37.252.173.22
44.196.161.176
44.237.120.80
44.240.184.96
46.105.202.126
52.142.114.2
52.222.210.175
52.222.214.60
52.25.88.123
54.186.216.34
54.90.140.145
62.149.0.72
62.209.227.211
63.250.56.79
64.74.236.223
69.173.144.165
72.251.244.140
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
063873bd79ab28173fcc9b23167b02683b7e759399b190dd3aec6057ee7e59a6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2dec85335834c0973ab0c4a4b47044c87504ee8435fd89a1ab997348be6ed5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0cf716e9d1ee24234277e142d1893ee679ae787d6f114b9ca7701ad6b89c3f14
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e8ca41e0cd7a439fea3e13cd3ca96e1486dba5f840683a97f2e71c8453988c0
0f0ac0c5c69f33d5b679d517a7f8921c7711bd764e3a3dd900d08e329b22bbc3
11b067ee141811f95416601d0b217297870d65fbc619e782bb1512d094dd8174
128494e8b86ba09377303752f1e0a3a82e6ecc2985c666711aec4f2a3a18fd67
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
201fb872946b887978ab032f9f454cc9eae3f3c19056ace8d1db48a9f0acf1ff
27d0928ad984f61f353f599535c36f982a29abaf67701fc647573f4bf424f69f
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
29a13bd46f1aef9f17946d38926841937758b9f20e1e45c986e5629ae70d3429
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2d982a78b1da56ba84ff4f57aad9715cef56b27e56f4ed18f5b831a0f4d7d2e6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
364f1fe1e13f212722786490c2f53c9fd8ac40fb69be8ae492ab22c6abd04e1a
3a4544707c1ec8b6f7f7dcc25586ea7eb87611291240343bc22dbec742116cee
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4105b2b6ea419c15f3bbf85a24886c71aa6a4846e9997cde4e154b68a464f6fb
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b9e13d4fa664b53dc044e0b6947a544e76a40edf19ac9b08aae3209e4c115d
46e15ddd3f3583786961d72eb1a81b34bc9dad89240a461dcf02b43c6aa9e9c7
480ec605663d6d4099ac88df797be15349e23e54dfd48345909c9df9eb7373cf
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b3c99edd2f296f5eb89ead2bde4f268390bafb61109d86cb49a70b517c0f006
4c850510fe60af8ffa8eeadc1013120ac41c0baa9c2715db62ce224a02b64df8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5cf8fa362de8f59775b5f979ac2db8d69db4fe01fc7f55f70c62acd8d10526
51facdd58039c7ebe0cec5e2f486c8b5cd9d345a620b093f161450dda1d0dcb8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56c78d69ee5d00d18d707886e102c7d4178063365d99cf4ab03061a7398ba073
585270e94e864c25e5c174b8bd0ecf45dbca4408d851fecd14260431b79cc43d
5969141c63e20f710f22ed12f9564c8bc139520e14c12a4f16053a1034a6265f
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c657076104f772db7516b5a885bb536180b933c302ba7ca1efd3df51cebb6e1
5c85ed6f1f083e8537fa04ba61fbb850d5a1a7135ecd895a04a7a112023d4907
5ebf783622eed429742da99882ee64040d2d79693868a9079863b2f8c757d8da
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
6878481c0ef11e3936b1cfa40514841cd398302508e0ef56b830f86e471718e1
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6d4cb252ade03cb7b1c2e99317eba4e0ed4c74db943c5b937127cca6251dcaec
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6f2a3441f61d4c9e2b3eeb253795178613770516814dbd1d4d43526172d38ba5
71170d9481a4a3939a7a95f3b7873db755aca3f2596bbeb69f2cddadeb6d8976
772782bcee23ee0f1774ebf7f9dfeac01d8f4b7c6174c35d6e414ba21f3c17bd
7af60b64bb4b300d910a83625c0a3d7b1197bce0acb9d622ad704f7285d02a70
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ea26c2e155afa821d8a157303a6dc302c9d1740b36ae5313f0ece87a60c1e8f
81a308fdc81ba9f72dd686a167c292bfd1c15d190d09d7846927ee475fc3b3ae
86620b292691b6d6621e00a6439123afe65ac8317a6c48ddcad68a1c85bbe606
8b0d1446f412484a2a7d1abb46ddc5de128d8aaf11b1fe04ac729ee4830c5e5b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de54c7f2a14946bea6b5a163956b2fb8ef2d2394318556fa4a3188890bdeb36
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
9115bbf3b3dee88764e74ecdf31c2234ece91aa42a596a1d3ba11925662777ba
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
955dd368bec858f5ab6c2c4c1bc73d4299d69d387c7a36046fe80501fff14167
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a36b232778d3599e81a292de7e7092989c0c4a01d3df2775bd8d08ff258ca4b4
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a5d143a9bde71ac34091e2d1b2395a653a14ff1e96e8c70b16a4563a949d63a2
a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb
abf89cea82a0ed0edf2a63b7f1aa587bea8f6dcbe393265c93f264b021264c40
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b622aea6246d71f5e8bf78d704d2cbb557477dd2663a792e72742ce26a7a7c40
b7b7fb37ec681a6a1bd507ce80613c7343fb3b394b29e21e7b11d6a6df933f68
b82b73f8a6f48e57c81f72701415829861dc435979814893c8b82aab6bc1ad9e
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
b9f062b1f34ccf6866fac8097bd8c8acccad74d45c5898bef8075b637ce1e3a9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c28518dd8e8d30f17d37eaa30b09f00dd2cbeb3ab4b5fa0913fd922e1f60f569
c687b416d79e0f94fa2d8336b573213ac64988ed6f73fd0a0e0a02f2faf4d6d2
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
d573bffd9d2fca02b2bfe4ac0323d67b37dc16b08bf103b804311691a942e09c
d655f4580ee2f1d719b8e8b1b85624eea242583a334f509da8210480cd89f765
daac16a8dcbf772343d560088f23516e8235ab8c3450cae85cc1c61ad4aa6db2
db0dab7b649c716807caa2ef9b13c51cc48e98c5261c47f5aeb714d987e3008e
e02f25db92329940496c02164af1af628953d514893951c784d4d643e4a0df21
e32230dcf650d8a14b16d6ae6b47e8c87cdf58864f4da4a34c12ca9d150f48f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42808d7e52317336b8ce5e70efec1e44875ab17d58f9a3640bace9b7e314950
e57a28730f72b49dbe1e83e713021f9ccba87bbd96b305545a1eaba794099b77
e5c3147873616bc411d7270cb0ee533995b6b74e272c7cac516e200658df4e93
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
e8e2a591915a8c4aa2d9b423239a39b60b2af59e8751c263290f8111bffffefa
e8fd802ce5042d308a2d650c3db8f60b2bd3b884f34d6ceabe0631a3a9e226f5
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a9a5475c2569f17731c36c9f41d90b018af957f5de9caeefe7382cd022186d
f567c55b5c79aa9f39aab2be1238d660b7a6bb498c3c0d822a878cf2736d2a95
f63a44e181aba94cec6e9f333ab960f197d40a52856e9a0c498c05159d00f48b
fa7350aa203f13a5124664f3a31b60b6074cf7da52be06dd45b1fd6adff45b4f
fa799d5def88aed9d20aabd466618c633de6a8dd957cee82b6093ff30ea88520
fcd046a74c4fe3cfae415d96d0b9be6cbbce4ea15dcafa15a7527c20c606ff96
ffc4b44e1b7402c08e5f2f702ca535e7e7083a684cda203dfdcb734cd5761aa6

www.androidpolice.com Open in urlscan Pro 44.196.161.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

83 %HTTPS

31 %IPv6

53 Domains

85 Subdomains

67 IPs

10 Countries

4901 kBTransfer

8400 kBSize

82 Cookies

14 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.androidpolice.com Open in urlscan Pro
44.196.161.176 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

83 %
HTTPS

31 %
IPv6

53
Domains

85
Subdomains

67
IPs

10
Countries

4901 kB
Transfer

8400 kB
Size

82
Cookies

183 HTTP transactions
0 data transactions