www.techtimes.com Open in urlscan Pro
34.98.77.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/M9AHoMYNu5
Effective URL:
https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microso...
Submission: On December 10 via api (December 10th 2021, 1:03:34 pm UTC) from US — Scanned from DE

Summary HTTP 170 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 58 IPs in 10 countries across 55 domains to perform 170 HTTP transactions. The main IP is 34.98.77.41, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.techtimes.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 16th 2021. Valid for: a year.

This is the only time www.techtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	34.98.77.41 34.98.77.41	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
20	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.10.189.237 3.10.189.237	16509 (AMAZON-02) (AMAZON-02)
4	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1 3	13.35.253.28 13.35.253.28	16509 (AMAZON-02) (AMAZON-02)
1	35.190.31.133 35.190.31.133	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:211... 2600:9000:211e:1600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.20 13.35.253.20	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	52.221.57.91 52.221.57.91	16509 (AMAZON-02) (AMAZON-02)
1	44.238.136.108 44.238.136.108	16509 (AMAZON-02) (AMAZON-02)
1 1	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	54.217.138.163 54.217.138.163	16509 (AMAZON-02) (AMAZON-02)
5 5	18.194.61.148 18.194.61.148	16509 (AMAZON-02) (AMAZON-02)
3 4	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	35.210.178.101 35.210.178.101	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	199.187.193.181 199.187.193.181	47043 (SMARTADSE...) (SMARTADSERVER)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.201.251.82 54.201.251.82	16509 (AMAZON-02) (AMAZON-02)
1	52.33.45.76 52.33.45.76	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	52.42.90.222 52.42.90.222	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	54.189.240.181 54.189.240.181	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.122.145.244 3.122.145.244	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
170	58

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.77.41 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 41.77.98.34.bc.googleusercontent.com

www.techtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

1111210941.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1734811051.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.189.237 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-189-237.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.28 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-28.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.31.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.31.190.35.bc.googleusercontent.com

stat.techtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-20.fra6.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.12 (Wilsonville, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.221.57.91 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-57-91.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.136.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-136-108.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.74.8 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.138.163 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-138-163.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.61.148 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-61-148.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.181 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.251.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-251-82.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.45.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-45-76.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.42.90.222 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-90-222.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.113 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.189.240.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-240-181.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.145.244 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-244.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cdn77.org 1111210941.rsc.cdn77.org 1734811051.rsc.cdn77.org	418 KB
20	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	190 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	141 KB
10	ampproject.org cdn.ampproject.org	204 KB
10	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	16 KB
9	googlesyndication.com d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	61 KB
6	google-analytics.com www.google-analytics.com	22 KB
6	gstatic.com fonts.gstatic.com	119 KB
6	powerad.ai powerad.ai reporting.powerad.ai	45 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	google.com 1 redirects www.google.com adservice.google.com	1 KB
4	brainlyads.com hb.brainlyads.com	183 KB
4	facebook.net connect.facebook.net	197 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	smartadserver.com 2 redirects ssbsync.smartadserver.com sync.smartadserver.com	766 B
3	pubmatic.com 2 redirects ads.pubmatic.com image2.pubmatic.com	58 KB
3	googletagmanager.com www.googletagmanager.com	107 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	serverbid.com e.serverbid.com	1 KB
3	anura.io script.anura.io ads.anura.io	18 KB
3	getclicky.com static.getclicky.com in.getclicky.com	6 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	863 B
2	advertising.com 2 redirects pixel.advertising.com	627 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	facebook.com www.facebook.com	313 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	e-volution.ai 2 redirects sync.e-volution.ai	918 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	754 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	1rx.io 2 redirects sync.1rx.io	743 B
2	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com sync.targeting.unrulymedia.com	614 B
2	360yield.com 2 redirects ad.360yield.com	613 B
2	google.de www.google.de adservice.google.de	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	40 KB
2	techtimes.com www.techtimes.com stat.techtimes.com	15 KB
1	sonobi.com sync.go.sonobi.com	474 B
1	openx.net u.openx.net	306 B
1	taboola.com trc.taboola.com	238 B
1	mathtag.com 1 redirects sync.mathtag.com	684 B
1	aufp.io aufp.io	3 KB
1	lentainform.com cm.lentainform.com	495 B
1	zeotap.com mwzeom.zeotap.com	456 B
1	idealmedia.io cm.idealmedia.io	412 B
1	adtelligent.com s.adtelligent.com sync.adtelligent.com Failed	885 B
1	zprk.io pixel.zprk.io	3 KB
1	quantcount.com rules.quantcount.com	429 B
1	googletagservices.com www.googletagservices.com	27 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	30 KB
1	t.co t.co	697 B
170	55

	Domain	Requested by
16	1111210941.rsc.cdn77.org	www.techtimes.com 1111210941.rsc.cdn77.org
11	1734811051.rsc.cdn77.org	www.techtimes.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	cm.mgid.com	jsc.mgid.com www.techtimes.com
7	ids.ad.gt	1 redirects www.techtimes.com
6	tpc.googlesyndication.com	www.techtimes.com securepubads.g.doubleclick.net
6	s-img.mgid.com	www.techtimes.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.techtimes.com
6	fonts.gstatic.com	fonts.googleapis.com
5	x.bidswitch.net	5 redirects
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.techtimes.com
4	match.adsrvr.org	4 redirects
4	cm.g.doubleclick.net	3 redirects www.techtimes.com
4	hb.brainlyads.com	powerad.ai t.co
4	connect.facebook.net	www.techtimes.com connect.facebook.net p.ad.gt
4	c.amazon-adsystem.com	www.techtimes.com c.amazon-adsystem.com
4	powerad.ai	www.techtimes.com powerad.ai
4	fonts.googleapis.com	www.techtimes.com client securepubads.g.doubleclick.net
3	www.google.com	1 redirects www.techtimes.com
3	www.googletagmanager.com	www.techtimes.com powerad.ai www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.techtimes.com
3	e.serverbid.com	1111210941.rsc.cdn77.org www.techtimes.com
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pagead2.googlesyndication.com	www.techtimes.com
2	www.facebook.com	www.techtimes.com
2	sync.smartadserver.com	1 redirects www.techtimes.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	creativecdn.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	a.volvelle.tech	2 redirects
2	sync.1rx.io	2 redirects
2	ad.360yield.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.mgid.com	www.techtimes.com
2	reporting.powerad.ai	powerad.ai
2	stats.g.doubleclick.net	www.google-analytics.com
2	script.anura.io	www.techtimes.com script.anura.io
2	static.getclicky.com	www.techtimes.com
2	jsc.mgid.com	www.techtimes.com jsc.mgid.com
2	stackpath.bootstrapcdn.com	www.techtimes.com
1	sync.go.sonobi.com	www.techtimes.com
1	u.openx.net	www.techtimes.com
1	pixels.ad.gt	p.ad.gt
1	trc.taboola.com	www.techtimes.com
1	sync.mathtag.com	1 redirects
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	token.rubiconproject.com	eus.rubiconproject.com
1	googleads.g.doubleclick.net	www.techtimes.com
1	pixel.rubiconproject.com	www.techtimes.com
1	ssbsync.smartadserver.com	1 redirects
1	cm.lentainform.com	www.techtimes.com
1	mwzeom.zeotap.com	www.techtimes.com
1	cm.idealmedia.io	www.techtimes.com
1	sync.targeting.unrulymedia.com	www.techtimes.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	a.ad.gt	t.co
1	pixel.zprk.io	powerad.ai
1	d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	www.techtimes.com
1	ads.pubmatic.com	t.co
1	in.getclicky.com	static.getclicky.com
1	ads.anura.io	script.anura.io
1	pixel.quantserve.com	www.techtimes.com
1	rules.quantcount.com	secure.quantserve.com
1	stat.techtimes.com	www.techtimes.com
1	secure.quantserve.com	www.techtimes.com
1	www.googletagservices.com	www.techtimes.com
1	cdnjs.cloudflare.com	www.techtimes.com
1	code.jquery.com	www.techtimes.com
1	www.techtimes.com	t.co
1	t.co
0	sync.adtelligent.com Failed	s.adtelligent.com
170	83

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
reddit.com
www.linkedin.com
wa.me
www.techradar.com
www.darkreading.com
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.techtimes.com AlphaSSL CA - SHA256 - G2	`2021-08-16` - `2022-09-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
www.cdn77.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
e.serverbid.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
stat.techtimes.com GTS CA 1D4	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-18` - `2021-12-17`	3 months	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.zprk.io Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-03` - `2022-03-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
aufp.io Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Frame ID: 0AEB763C82AAFAC767118A7076C0DF89
Requests: 129 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: F1B6957735F03E2BC1A2577C247478A7
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 78C47BFD038471B9AF724704FA0DF686
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 5B17E4B1853E6117C0B805A3742B1515
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 2356C3992C78A68429D6FD409CEF302B
Requests: 1 HTTP requests in this frame

Frame: https://d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D29718DD3EAB2C16FC98C6E485D3944
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1639141407855484256611
Frame ID: BC7A6D0B7C26E4B3770B2A5ED7934DE9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Frame ID: F1ACD054D156E3BF2B0259B33E8ADA3C
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 53D0D2B1AAA702832AE8DD1311ACFDEC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: DE966C955A9A63FCD008B962356B956E
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: ABC060C193762EB5BEC6B42F7CCE7F89
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DBF4B15242C7FB95E8CA01A57691E331
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Microsoft Outlook Phishing Scheme Allows Hackers to Pretend to be Your Boss | Tech TimesFacebookTwitterRedditLinkedInEmailWhatsApp

Page URL History Show full URLs

https://t.co/M9AHoMYNu5 Page URL
https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-out... Page URL

Page Statistics

170
Requests

86 %
HTTPS

36 %
IPv6

55
Domains

83
Subdomains

58
IPs

10
Countries

1983 kB
Transfer

5088 kB
Size

82
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TechTimesNews

Search URL Search Domain Scan URL

URL: https://twitter.com/TechTimes_News

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Title: Facebook facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&text=New+Microsoft+Outlook+Phishing+Scheme+Allows+Hackers+to+Pretend+to+be+Your+Boss&via=twitter%20username%20of%20author&hashtags=
Title: Twitter twitter

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&title=New+Microsoft+Outlook+Phishing+Scheme+Allows+Hackers+to+Pretend+to+be+Your+Boss
Title: Reddit reddit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Title: LinkedIn linkedin

Search URL Search Domain Scan URL

URL: https://wa.me/whatsappphonenumber/?text=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Title: WhatsApp What's app

Search URL Search Domain Scan URL

URL: https://www.techradar.com/news/microsoft-outlook-vulnerability-helps-hackers-masquerade-as-your-boss
Title: Tech Radar,

Search URL Search Domain Scan URL

URL: https://www.darkreading.com/threat-intelligence/researchers-explore-outlook-phishing-techniques
Title: Dark Reading,

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.techtimes.com&utm_medium=referral&utm_campaign=widgets&utm_content=1119383

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4045276/i/57453081/0/pp/1/1?h=O92BoFm2uak71Tj9ys2aeljzlgdaT7Uspz_fCytIhJmkdLD2uFWrPDxkLMlNs3OK&rid=90f8fa6b-59b9-11ec-8599-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164907/i/57453081/0/pp/2/1?h=O92BoFm2uak71Tj9ys2aeuHC17ZM_e_PsV_1nLqPDcca6kFzig5Xezo-kKoPYO9Q&rid=90f8fa6b-59b9-11ec-8599-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533328/i/57453081/0/pp/3/1?h=O92BoFm2uak71Tj9ys2aeg34lVWNVo7Y_LKYUn7ppki5r7cyWvG-WH1rG6qMCuJP&rid=90f8fa6b-59b9-11ec-8599-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533472/i/57453081/0/pp/4/1?h=O92BoFm2uak71Tj9ys2aehB5TvEQtR-EOuMrQal6FzxDRWtXqGtr5Vp1eH9odaEn&rid=90f8fa6b-59b9-11ec-8599-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/11533468/i/57453081/0/pp/5/1?h=O92BoFm2uak71Tj9ys2aerCb-6Bzb0Q0p7wizY0XvGKskDmriPCbyL_xzuxaO8NY&rid=90f8fa6b-59b9-11ec-8599-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3835483/i/57453081/0/pp/6/1?h=O92BoFm2uak71Tj9ys2aevkC11ircWQAfo8S8tzkp70FhdJgs5R9Xjs0IJt9n7ko&rid=90f8fa6b-59b9-11ec-8599-e43d1a2a96ea&ts=t.co&tt=Social&att=1&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/M9AHoMYNu5 Page URL
https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=19747886&ns__t=1639141406980&ns_c=UTF-8&cv=3.5&c8=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&c9=https%3A%2F%2Ft.co%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1639141406980&ns_c=UTF-8&cv=3.5&c8=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&c9=https%3A%2F%2Ft.co%2F

Request Chain 102

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJhcnAyM1hGSTM1&muidn=lbarp23XFI35 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJhcnAyM1hGSTM1&muidn=lbarp23XFI35&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=lbarp23XFI35&google_ula={guid},5&google_gid=CAESEKAN3x4mpECgt0JP4C3fD5g&google_cver=1

Request Chain 105

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=a42f5852-9a80-462d-a793-544c86fad0bd

Request Chain 106

https://x.bidswitch.net/sync?dsp_id=303&user_id=lbarp23XFI35 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbarp23XFI35 HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/f6e4538a-d856-41df-bdf4-053fb3f0d7b4?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/f6e4538a-d856-41df-bdf4-053fb3f0d7b4?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/f6e4538a-d856-41df-bdf4-053fb3f0d7b4?zcc=1&dspret=0&cb=1639141408196 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003

Request Chain 107

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=334bd303-0175-4605-94de-b2f80adb6b29 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=334bd303-0175-4605-94de-b2f80adb6b29 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=b1ce91eb-5b29-4bc6-a646-128fd156a40e&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=334bd303-0175-4605-94de-b2f80adb6b29&gdpr=&gdpr_consent=&us_privacy=

Request Chain 108

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=a3dc8be8-02d6-4761-827e-1310971428e8

Request Chain 111

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=U18GWCkZSo9LrQo138CO&pi=mgid&tc=1

Request Chain 113

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&ttl=1641733408

Request Chain 114

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbarp23XFI35 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=2008398158947102516&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Dcd37a7bc-dedd-468d-807a-96882e89c79f%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&adnxs_id=2989042819961236972

Request Chain 147

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=cd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=cd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&id=cd37a7bc-dedd-468d-807a-96882e89c79f

Request Chain 148

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=3199D1CF-F35D-4DEC-9330-F0F4EF9010B1&id=cd37a7bc-dedd-468d-807a-96882e89c79f

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=cd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://ids.ad.gt/api/v1/g_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&google_gid=CAESEIjRxPAPu00TfjkNjzJFIyY&google_cver=1&google_ula=450542624,0

Request Chain 150

https://ids.ad.gt/api/v1/g_hosted?id=cd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2QzN2E3YmMtZGVkZC00NjhkLTgwN2EtOTY4ODJlODljNzlm

Request Chain 151

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Dcd37a7bc-dedd-468d-807a-96882e89c79f HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=08ee61b3-501f-4700-9ae5-842cf1b4ca73&id=cd37a7bc-dedd-468d-807a-96882e89c79f

Request Chain 152

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3Dcd37a7bc-dedd-468d-807a-96882e89c79f%26sas_uid%3D%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&sas_uid=[sas_uid]&cklb=1

Request Chain 167

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D&s=185073&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YbNQIl6ba-H2LHp4-yIOuQAA%261217

Request Chain 168

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8 HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8

170 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 M9AHoMYNu5 Show response
t.co/ 638 B
697 B 146ms
126ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/M9AHoMYNu5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

73d41206cbf66f2ff81234c0c9bf22df97dcf2bf2d7968bf78184fd628188cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 10 Dec 2021 13:03:25 GMT
vary: Origin
server: tsa_o
expires: Fri, 10 Dec 2021 13:08:26 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 261
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 118
x-connection-hash: 344a781982dba95b2403c7b211892bd0df9213774cdeaf9176f9544bd617ab91

GET
H2 200 Primary Request new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm Show response
www.techtimes.com/articles/269195/20211209/ 56 KB
15 KB 266ms
227ms Document
text/html 34.98.77.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Requested by: Host: t.co
URL: https://t.co/M9AHoMYNu5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.77.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 41.77.98.34.bc.googleusercontent.com
Software: nginx / PHP/7.2.34
Resource Hash: e8dd70713902ab397e5940183ee68379ce95ad0f13079821364d10a036bbbd06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/

Response headers

server: nginx
date: Fri, 10 Dec 2021 13:03:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
alt-svc: clear

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 76ms
34ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 9828012
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e9ed4ad146674f5ad9cdf6a28e4c3bca
cf-ray: 6bb6ac6009023748-MXP
cdn-requestcountrycode: EG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/ 19 KB
4 KB 115ms
18ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 89103804e454c445843fabd34ee79f06dae6a371c517bff35f9a743522915ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgVE9F//QSUNAA==
x-accel-expires: @1639316701
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942424-4d84"
last-modified: Tue, 16 Nov 2021 21:35:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: rz0zfhicINs=
x-77-cache: HIT
content-type: text/css
x-cache: HIT
x-age: 861505
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 62ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1639141406.dop015.ml1.t,1639141406.cds222.ml1.hn,1639141406.cds001.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 30ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1967168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLCY5lQe90cRQT%2BFrzE0dP4kcjN42FXIjHVjYl1%2Bj3ZtSekpUVLFSsu2eIMa6tcDjyS1TKGewMh0Kv6PXT0COd%2FYQI6yngd0ST5dJV0pELpxBHuYecWtFpK6eWBEYIj7nn%2FPb18q6ESkZVdZz7YCEPaZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bb6ac5fcc854e5c-FRA
expires: Wed, 30 Nov 2022 13:03:26 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 70ms
28ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 6203915
cdn-cachedat: 2021-04-23 06:58:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 342b5cdf2a5b109b640f72fda9ed7130
cf-ray: 6bb6ac6009063748-MXP
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 common_v056.js Show response
1111210941.rsc.cdn77.org/common/js/common/ 7 KB
3 KB 116ms
20ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/common/js/common/common_v056.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWbS9b/iycNAA==
x-accel-expires: @1639316115
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"619422d0-1aeb"
last-modified: Tue, 16 Nov 2021 21:29:52 GMT
server: CDN77-Turbo
x-77-nzt-ray: /adnX5CP6n0=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 862091
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 scripts.js Show response
1111210941.rsc.cdn77.org/static/common/_v1.0.0/js/ 5 KB
2 KB 116ms
20ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/js/scripts.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 549112bc130160ae62719497e057e28f50879c18d927de9b411255a20270ba0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWYh6v/iCcNAA==
x-accel-expires: @1639316118
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"619424ab-12fc"
last-modified: Tue, 16 Nov 2021 21:37:47 GMT
server: CDN77-Turbo
x-77-nzt-ray: /LvgwzjfrxU=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 862088
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 13:03:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 13:03:26 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45530ee93fe1451632f4c4da09ff7b9dcbbe6a64f2ae824c058c78fababd34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 185 of 1000 / last-modified: 1639137928"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27033
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 13:03:26 GMT

GET
H2 200 prebid_sb_202110.js Show response
1111210941.rsc.cdn77.org/common/js/common/ 184 KB
54 KB 36ms
34ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/common/js/common/prebid_sb_202110.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b2cf31ca947be6dd3ff318d66b2a6eb397f2311490ea939ed9a663c7d5e729a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgVL8Ln/PIIOAA==
x-accel-expires: @1639227362
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942344-2de66"
last-modified: Tue, 16 Nov 2021 21:31:48 GMT
server: CDN77-Turbo
x-77-nzt-ray: NC6hrXMFmcA=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 950844
content-encoding: br
x-77-pop: frankfurtDE

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 192 KB
41 KB 428ms
194ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 5d5ee54d8325576c1daaeb7d00b56ec6d7059272ff3ead2004baadd5df3e296f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:03:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 15:38:37 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2fe4f-17d9fd8af37"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 new-microsoft-outlook-phishing-scheme-allows-hackers-to-pretend-to-be-your-boss.jpg
1734811051.rsc.cdn77.org/data/images/full/393517/ 63 KB
63 KB 48ms
38ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/images/full/393517/new-microsoft-outlook-phishing-scheme-allows-hackers-to-pretend-to-be-your-boss.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 66e06f757742d1dcb78175c4bedb462e62a0db88defe1f6d5d9331626236846f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgU9ZG//+XEAAA==
x-accel-expires: @1640149029
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: "6156bcef-faef"
last-modified: Fri, 01 Oct 2021 07:46:55 GMT
server: CDN77-Turbo
x-77-nzt-ray: mCG4KjKPRvQ=
x-77-cache: HIT
content-type: image/jpeg
x-cache: HIT
x-age: 29177
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 64239

GET
H2 200 new-microsoft-outlook-phishing-scheme-allows-hackers-to-pretend-to-be-your-boss.jpg
1734811051.rsc.cdn77.org/data/images/full/393517/ 23 KB
23 KB 48ms
38ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/images/full/393517/new-microsoft-outlook-phishing-scheme-allows-hackers-to-pretend-to-be-your-boss.jpg?w=600?w=650
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: fdc0a0b1a5fe2f85e31f3d8e1a111fcbe751ecd6ae2b14a4eaef8111e116d179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgUa2cv/EEoAAA==
x-accel-expires: @1639208846
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: 1f0b149dcdd932bdcef08414e527a28e
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: wm3/ULlnwNA=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 18960
x-77-pop: frankfurtDE

GET
H2 200 techtimes.com.1119383.js Show response
jsc.mgid.com/t/e/ 2 KB
1 KB 59ms
21ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7270d9c019108944b8be69eaa63b3da137f962037f7b1250191f09eff17d9afc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 6301
last-modified: Thu, 25 Nov 2021 11:31:34 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: D7AEPZ1AMVFYJXKT
x-amz-id-2: TxYs4WkSXGgPmccyWZ4rePAV1+4oPz85Q1Hqf73/YEDnFk0EAHMCfcmhlCTnWuZZzP3Ckf+y29Q=
cf-bgj: minify
server: cloudflare
etag: W/"944a5f967f20377c5d69814735f270db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb6ac60dea05b50-FRA
expires: Fri, 10 Dec 2021 16:03:26 GMT

GET
H2 200 alexa-to-be-removed-however-amazon-says-existing-accounts-would-remain-until-may-2022.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/397678/330/186/50/40/ 16 KB
16 KB 48ms
38ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/397678/330/186/50/40/alexa-to-be-removed-however-amazon-says-existing-accounts-would-remain-until-may-2022.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 33851a12c3b5ffed46a71d26c2e99cdfcf5ccf5267dcb26c0439f505bdf52161

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgW3UDr/SY4AAA==
x-accel-expires: @1639191381
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: b554814cac01dfe12c2fd0e23466432d
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: i+mard4XUeQ=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 36425
x-77-pop: frankfurtDE

GET
H2 200 metas-new-anti-fake-news-ai-to-fight-misinformation-more-efficiently-expect-less-harmful-content.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/397673/330/186/50/40/ 12 KB
12 KB 47ms
38ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/397673/330/186/50/40/metas-new-anti-fake-news-ai-to-fight-misinformation-more-efficiently-expect-less-harmful-content.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 3b8335584dc20e76aefdc26f790298035907b773743eba0b03277b95a868d59e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgU8uL3/QK4AAA==
x-accel-expires: @1639183198
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: ca078fc7f2cafb015be7820cb006d78b
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: gda+dBgZpZ8=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 44608
x-77-pop: frankfurtDE

GET
H2 200 brain.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/397541/330/186/50/40/ 15 KB
16 KB 48ms
38ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/397541/330/186/50/40/brain.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b58f685b90899ea4b9295454b2165f68658e71155e5b7f5b1f6462e440625674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgVu5Pr/LrwAAA==
x-accel-expires: @1639179632
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: 3cbe35c54020351426585edc16a957cd
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 0NaIw6ByLHw=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 48174
x-77-pop: frankfurtDE

GET
H2 200 why-do-app-developers-call-new-kid-on-the-mobile-block-bluthrone-an-exit-factory.png
1734811051.rsc.cdn77.org/data/thumbs/full/397355/330/186/50/40/ 110 KB
110 KB 48ms
39ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/397355/330/186/50/40/why-do-app-developers-call-new-kid-on-the-mobile-block-bluthrone-an-exit-factory.png
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 7d63301e1e91a0ceaa150d83c6e934aec86ac07a7c52454b95ad8cdf5bc2f98f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWU563/U1YAAA==
x-accel-expires: @1639205707
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: 670781dcfa2e0bc1e84f26cfc46f7387
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 58cG2jUsoS0=
x-77-cache: HIT
content-type: png
cache-control: max-age=86400, public
x-cache: HIT
x-age: 22099
x-77-pop: frankfurtDE

GET
H2 200 masayuki-dies-possible-reasons-of-snes-nes-creators-death.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/397683/330/186/50/40/ 16 KB
17 KB 18ms
14ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/397683/330/186/50/40/masayuki-dies-possible-reasons-of-snes-nes-creators-death.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: c98bd18f179f197055e6e013077e15f2f4771639dbdcd1407486c27d70b4ac4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWj1ED/3yMAAA==
x-accel-expires: @1639218623
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: 1fab4398ec415431c4865d6f7194b01b
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: whO+pzXTguM=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 9183
x-77-pop: frankfurtDE

GET
H2 200 elon-musk-graded-school-papers-before-he-founded-tesla-spacex-sells-for-7-000.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/395686/295/166/50/40/ 10 KB
10 KB 19ms
15ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/395686/295/166/50/40/elon-musk-graded-school-papers-before-he-founded-tesla-spacex-sells-for-7-000.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 95222abbd5c0db5255924fda456547c584f2d4738fb691f0238706032ac47bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgXXYeH/D3kAAA==
x-accel-expires: @1639196815
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: 0771ad2f411c67010c79f677b64d21fe
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: lK7gvWrLeOg=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 30991
x-77-pop: frankfurtDE

GET
H2 200 hoodie-with-pouch-for-cats-to-keep-pets-close-to-gamers.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/379487/295/166/50/40/ 15 KB
16 KB 18ms
15ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/379487/295/166/50/40/hoodie-with-pouch-for-cats-to-keep-pets-close-to-gamers.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 8549d67106a040b4415c3509b8a0e7531a8f229aede90ec28f4ee5f293a0763d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgXaGLn/L3kAAA==
x-accel-expires: @1639196783
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: b663bcaf19a7214a00a61009c149249c
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: SNhNVewFwbs=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 31023
x-77-pop: frankfurtDE

GET
H2 200 star-cluster-47-tucanae.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/397670/295/166/50/40/ 30 KB
30 KB 18ms
16ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/397670/295/166/50/40/star-cluster-47-tucanae.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: 3c79d4b86db3737f4e38a31b50c74de1208efbb7d4ec99055221c293c545e876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgW1Igf/LHkAAA==
x-accel-expires: @1639196786
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: 49e561ef3603839f66eb66014aeef9be
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: 5FKQ4IkNFUA=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 31020
x-77-pop: frankfurtDE

GET
H2 200 halo-infinite-screen.jpg
1734811051.rsc.cdn77.org/data/thumbs/full/384960/295/166/50/40/ 13 KB
13 KB 18ms
17ms Image
image/jpeg 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1734811051.rsc.cdn77.org/data/thumbs/full/384960/295/166/50/40/halo-infinite-screen.jpg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PHP/7.2.34
Resource Hash: b0527357ce7e9ec270c662aee9d20ab3010765e0451ba13738e8ddac201196ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgU3Xhn/zngAAA==
x-accel-expires: @1639196880
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: c780e0ba799bf1f64e2c253c990ff304
server: CDN77-Turbo
x-powered-by: PHP/7.2.34
x-77-nzt-ray: QHxgrdDWiSk=
x-77-cache: HIT
content-type: image/jpeg
cache-control: max-age=86400, public
x-cache: HIT
x-age: 30926
x-77-pop: frankfurtDE

GET
H2 200 badge.gif
static.getclicky.com/media/links/ 241 B
632 B 53ms
34ms Image
image/gif 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
cf-cache-status: HIT
age: 321726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 241
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
etag: "570d8f2f-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6bb6ac611e3783b5-MXP
x-proxy-cache: HIT
expires: Fri, 17 Dec 2021 13:03:26 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
5 KB 112ms
37ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Dec 2021 19:41:05 GMT
server: cloudflare
age: 321741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 17 Dec 2021 13:03:26 GMT
cache-control: public, max-age=604800
cf-ray: 6bb6ac610e1d83b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 counter_ssl.js Show response
1111210941.rsc.cdn77.org/common/js/stat/ 743 B
594 B 15ms
15ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/common/js/stat/counter_ssl.js?v=11
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgXDYxL/AyUNAA==
x-accel-expires: @1639316763
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"6194244e-2e7"
last-modified: Tue, 16 Nov 2021 21:36:14 GMT
server: CDN77-Turbo
x-77-nzt-ray: n3yJmZsRIk4=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 861443
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 article_counter.js Show response
1111210941.rsc.cdn77.org/static/js/common/ 398 B
463 B 16ms
14ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1111210941.rsc.cdn77.org/static/js/common/article_counter.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a969f23d2a86a8fbe27e34999a42c0aae9d7b7c46f33113e040cf123077c5a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgW6fIj/iycNAA==
x-accel-expires: @1639316115
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"6194229b-18e"
last-modified: Tue, 16 Nov 2021 21:28:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: Qs8DSzkP8IU=
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 862091
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 request.js Show response
script.anura.io/ 48 KB
17 KB 154ms
83ms Script
application/javascript 3.10.189.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1249184190139&callback=_anuraResFun&673676311697

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.189.237 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-189-237.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0cded5abecd6e37aa706cf2c3207922d78c1facfb7c1dc12110e4002d8f015a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 66ms
11ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 1SE7F4MP69612FC9RXFQ
etag: 1e39d25f07f5619925357b752ab10d04
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Fri, 10 Dec 2021 13:03:26 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AFQ0LbkVQWbzZnRrMCd5SGKMksGrohCbfqwtKHl7uB9POc60UIYgtA==

GET
H2 200 logo.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/logo.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5b20151a1f3855739a388f05074c181072566416c06693a7d8c8fddacbd157f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgVFtXH/QCUNAA==
x-accel-expires: @1639316702
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942424-878"
last-modified: Tue, 16 Nov 2021 21:35:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: zX7HfKGdXnc=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 861504
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_facebook.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 591 B
635 B 43ms
41ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eaa1d2a49cd9fb20ef40d866d1deecabee82db7146e40de17753c145bd557ea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWSbOj/QCUNAA==
x-accel-expires: @1639316702
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942424-24f"
last-modified: Tue, 16 Nov 2021 21:35:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: biBwKiSxAgs=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 861504
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_twitter.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 1 KB
913 B 43ms
41ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ec928563715656ae5bdf56bcc7215a4d1723c52158709bc2cc36e02af142d089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgW8OWj/QCUNAA==
x-accel-expires: @1639316702
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"619424ab-461"
last-modified: Tue, 16 Nov 2021 21:37:47 GMT
server: CDN77-Turbo
x-77-nzt-ray: BnHFBbeK1CQ=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 861504
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 315418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 21:26:28 GMT

GET
H2 200 icon_search2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 303 B
464 B 39ms
38ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon_search2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f1f8e52f3acb8c8ab4998465bbe11b70f7384ecd29c8f6450c9228a6ca2d0a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgU/87z/NygNAA==
x-accel-expires: @1639315943
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942313-12f"
last-modified: Tue, 16 Nov 2021 21:30:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: AQnSV6QLtVw=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 862263
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 icon_search.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 303 B
465 B 39ms
38ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon_search.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9751f0e58ee1b5a83930fa22bf3b4562a3dd3d0424d2adb17423cc38d5cb847f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgVLAP7/rh4NAA==
x-accel-expires: @1639318384
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942424-12f"
last-modified: Tue, 16 Nov 2021 21:35:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: pJqrblGgoU0=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 859822
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 49ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 04:27:49 GMT
x-content-type-options: nosniff
age: 30937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 04:27:49 GMT

GET
H2 200 social_desktop.gif
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 6 KB
6 KB 33ms
32ms Image
image/gif 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_desktop.gif
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4295a34f0395dfae8f8c9e24f12de869d9f7cadd1853f4888c09fba2cce1ca8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWrUaz/AiUNAA==
x-accel-expires: @1639316764
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: "6194229b-1793"
last-modified: Tue, 16 Nov 2021 21:28:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: SiJFeQ7mDN4=
x-77-cache: HIT
content-type: image/gif
x-cache: HIT
x-age: 861442
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 6035

GET
H2 200 icon-split.png
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 16 KB
16 KB 33ms
33ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/icon-split.png
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 55937ee52d6d7e8746015398bf3a77e7a3d0c62c622766b9707402368d3181bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgW+zVb/AiUNAA==
x-accel-expires: @1639316764
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: "61942424-3e9b"
last-modified: Tue, 16 Nov 2021 21:35:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: yvPhMDfbLNY=
x-77-cache: HIT
content-type: image/png
x-cache: HIT
x-age: 861442
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 16027

GET
H2 200 logo2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 2 KB
1 KB 20ms
14ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/logo2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b37528b8edfca9b4c56e243195e0f48b6a83878d30dca3c4eb67e530ad3b4428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgVdkJH/ISgNAA==
x-accel-expires: @1639315965
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"6194229b-861"
last-modified: Tue, 16 Nov 2021 21:28:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: aOXdgbJ3H2w=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 862241
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_facebook2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 591 B
632 B 18ms
14ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_facebook2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4d6c0441395a79f993612963489cf57d905fd2e938df3847cb5aa4595ac8e75b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgU1W/j/ISgNAA==
x-accel-expires: @1639315965
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"6194229d-24f"
last-modified: Tue, 16 Nov 2021 21:29:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: CvHLlloprxQ=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 862241
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 social_twitter2.svg
1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/ 1 KB
912 B 18ms
15ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/images/social_twitter2.svg
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 99a5efd3d1c088c308da63f299791db08c40cf8e1da421f30399ce8a9bed36ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1111210941.rsc.cdn77.org/static/common/_v1.0.0/css/style.css?s=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1rgWnyOb/ISgNAA==
x-accel-expires: @1639315965
date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 google
etag: W/"61942424-461"
last-modified: Tue, 16 Nov 2021 21:35:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: 3z2QVVHbC68=
x-77-cache: HIT
content-type: image/svg+xml
x-cache: HIT
x-age: 862241
content-encoding: br
x-77-pop: frankfurtDE

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 47ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Dec 2021 13:03:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 435 B
824 B 41ms
18ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.techtimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cc495f93761edfb31e77239c3eaa44ed1a866608e1c360252216d81aaadfd84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0
expires: Fri, 10 Dec 2021 13:03:26 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
987 B 406ms
196ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: 1111210941.rsc.cdn77.org
URL: https://1111210941.rsc.cdn77.org/common/js/common/prebid_sb_202110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 94b5e675543ee761468c8ac40ec193ed58cafb0190f4e1384c77d1beb561c51c

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.techtimes.com
date: Fri, 10 Dec 2021 13:03:27 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 techtimes.com.1119383.es6.js Show response
jsc.mgid.com/t/e/ 242 KB
71 KB 29ms
28ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3ca49bbe2a311e6c93b0eb397a48c07bb9a292579f95c049cf3d6b9ad2d541c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 6300
last-modified: Thu, 02 Dec 2021 15:40:59 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 9Y3G3W9ED2H4NDE8
x-amz-id-2: bwI3GI7IZujuo4lzz99KuwhtdBad9KVZSIS24Oo0INsyRUr388EBReILDrPPnIR5vjOp46AbY78=
cf-bgj: minify
server: cloudflare
etag: W/"064a4d8375d7477738f2f72f49df1147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6bb6ac617ffd5b50-FRA
expires: Fri, 10 Dec 2021 16:03:26 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 27ms
8ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 17 Dec 2021 13:03:26 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 27ms
8ms Script
application/javascript 13.35.253.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-28.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 03:28:11 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 102889
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: t9LMXB8mH4WOfP4zMZCcCmFynDp-UHJt0Q-fzk3rGAzjUz1MCTmUBQ==

GET
H2 200 counter_gif.gif
stat.techtimes.com/stat/ 180 B
180 B 159ms
121ms Image
image/gif 35.190.31.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.techtimes.com/stat/counter_gif.gif?article_id=269195&w=1600&h=1200&ref=https://t.co/
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.31.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 133.31.190.35.bc.googleusercontent.com
Software: nginx/1.14.2 / PHP/7.2.18
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
via: 1.1 google
content-type: image/gif
server: nginx/1.14.2
x-powered-by: PHP/7.2.18
alt-svc: clear
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41574041-1

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23413106d770fec06e0ee4497b3883b1bb44972825508ff196b36688cfc78f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36228
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:03:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fea59495c3c3a9bd857bf9d1496912323867fdfc7569a54e0e537303fa2113f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Z6dYcJDMxgo/3aMHaJNSjA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 8Uv4w8oPunrbCo70/pCwiiJnOjHJsph8Wrq4RxlVMZeQy3+XzR/SGrzrYDXLErV65qLmeaMJcHD9zAwpRPVf0w==
x-fb-trip-id: 917726464
x-fb-content-md5: 13731375a7e05cc2fa6aba1fbffe9742
x-frame-options: DENY
date: Fri, 10 Dec 2021 13:03:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cb274fcd60d6d2c499be47fe974c3e4d"
timing-allow-origin: *
expires: Fri, 10 Dec 2021 13:05:46 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 8ms
7ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.techtimes.com&pubid=10f2e1c5-d495-4ec1-a8e3-2556d5c64ce9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:32:47 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
server: Server
age: 1839
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.techtimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: RzYUGCpIlIgVJ13GIf9YU7Iy_BmDaJz-YE0HKqFXEc6PvpMR8O4tbw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
494 B 52ms
51ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&pr=https%3A%2F%2Ft.co%2F&pid=h0McgC0lhjENa&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22gpt_top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22400x300%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_right3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%2C%7B%22sd%22%3A%22gpt_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21697271410%2Ftechtimes%2Fpersonaltech%2Farticles%22%7D%5D&pubid=10f2e1c5-d495-4ec1-a8e3-2556d5c64ce9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: Y8HTBPY0QJW7SHTTGAM0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.techtimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9J4RwIRcYWBvFQzLBDrfciG8RoXVtopox8B0ZyzhqPDzSgz-MWbxPg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 74382
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Thu, 09 Dec 2021 16:24:05 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: cNCSatXiVxEfgdUJoznAT_x_T-L7uCaZWY09zFS__ZaBsDKLShPy3g==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 286 KB
81 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e22733233b3518a074a6bc371fc48514

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a47dd84c443a0a91a9d2c7a9a6d9d6dc55ac9652c64c108edb76c61fff400abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8Cl9KQNfIBlVpY6Pu7IjaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82660
x-fb-rlafr: 0
x-fb-debug: pKXOdnNxqAt8UcZ3rNwhOnDXRYpy558jqyUrzmDm0RCfxUlJreEx5mdewSopF6Ri3k6TclJXyQ1C5+0NSkYvTw==
x-fb-content-md5: a57665e1b4ca1370170a97123a347ba8
x-frame-options: DENY
date: Fri, 10 Dec 2021 13:03:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4f50610a7826a8bf6a8a737f661826c6"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 10 Dec 2022 12:24:17 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=19747886&ns__t=1639141406980&ns_c=UTF-8&cv=3.5&c8=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%...
https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1639141406980&ns_c=UTF-8&cv=3.5&c8=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss...

0
223 B

11ms
8ms

Image
text/plain

13.35.253.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1639141406980&ns_c=UTF-8&cv=3.5&c8=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 13.35.253.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-28.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 11ksAIuhREaGOuM_6dax-fRdzeYRff_SxRbsJWwbyY0zmTlUkIQNQA==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 10 Dec 2021 13:03:26 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=19747886&ns__t=1639141406980&ns_c=UTF-8&cv=3.5&c8=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&c7=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&c9=https%3A%2F%2Ft.co%2F
content-length: 443
x-amz-cf-id: BrpS8Ci70OFqLgQFugfdBpQGoO2KKQhqnlWnpRjN4Z9HcWLHot5kvg==

GET
H2 200 rules-p-LfaarYPdxYFdP.js Show response
rules.quantcount.com/ 3 B
429 B 26ms
8ms Script
application/javascript 2600:9000:211e:1600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-LfaarYPdxYFdP.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 01:33:12 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront)
age: 41793
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:29:28 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: 7E3wxt8WRpMFHDEjMSp_djl5nUNolpVuwcJVHdBt5UA2xbiit95PNQ==

GET
H2 200 pixel;r=785860049;rf=0;a=p-LfaarYPdxYFdP;url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-prete...
pixel.quantserve.com/ 35 B
371 B 48ms
14ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=785860049;rf=0;a=p-LfaarYPdxYFdP;url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm;ref=https%3A%2F%2Ft.co%2F;uh=a3b95c38a4fe7929a7139a63870af8a02e7a0d898d428d1fe62837e32fd6c97c;uht=0;fpan=1;fpa=P0-465438703-1639141407031;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=techtimes.com;je=0;sr=1600x1200x24;dst=0;et=1639141407030;tzo=0;ogl=type.article%2Curl.https%3A%2F%2Fwww%252Etechtimes%252Ecom%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishin%2Csite_name.Tech%20Times%2Cimage.https%3A%2F%2F1734811051%252Ersc%252Ecdn77%252Eorg%2Fdata%2Fimages%2Ffull%2F393517%2Fnew-microsoft-outlook-p%2Ctitle.That%20Microsoft%20Outlook%20Email%20May%20Not%20Be%20From%20Your%20Boss%E2%80%94It%20Could%20Be%20a%20Hacker%20%2Cdescription.A%20new%20phishing%20scheme%20on%20Microsoft%20Outlook%20is%20allowing%20hackers%20to%20send%20emails%20pr

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
349 B 49ms
11ms XHR
application/javascript 13.35.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?14440208569
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1249184190139&callback=_anuraResFun&673676311697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-20.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:19:05 GMT
content-encoding: gzip
server: nginx
age: 9862
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: syhVig6nWmTOm08miTxHuSzzqXjuCX0Pf_0WSNXTFUq8KBUnHhURmQ==
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41574041-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5309
date: Fri, 10 Dec 2021 11:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 10 Dec 2021 13:34:58 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 139 B
435 B 447ms
147ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=100661543&type=pageview&href=%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&title=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss&res=1600x1200&lang=en&ref=https%3A%2F%2Ft.co%2F&jsuid=2159106934&mime=js&x=0.2646451893898043
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Wilsonville, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 8750187f16dcb19202cff742df5d2446fcefbe7e4c1bcbe5ea04492af993b183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=701275879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1233202037&gjid=1458382189&cid=183067103.1639141407&tid=UA-41574041-1&_gid=1351738347.1639141407&_r=1&gtm=2ouc10&z=1789150716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=701275879&t=event&_s=2&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article3&_u=4GBAAUABAAAAAC~&jid=&gjid=&cid=183067103.1639141407&tid=UA-41574041-1&_gid=1351738347.1639141407&gtm=2ouc10&cd1=Teejay%20Obsequio&cd2=News&cd3=Tech&cd4=article&cd5=&cd6=269195&z=408772303

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 05:36:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26806
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 61ms
21ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41574041-1&cid=183067103.1639141407&jid=1233202037&gjid=1458382189&_gid=1351738347.1639141407&_u=4GBAAUAAAAAAAC~&z=2034489035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 13:03:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 341ms
102ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 10 Dec 2021 13:03:27 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H/1.1 200
OK detect-aau Show response
powerad.ai/ 2 B
337 B 300ms
103ms Fetch
text/plain 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:03:27 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H/1.1 200
OK detect-aau Show response
powerad.ai/ 2 B
337 B 304ms
101ms Fetch
text/plain 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:03:27 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame F1B6 178 KB
58 KB 319ms
19ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: t.co
URL: https://t.co/M9AHoMYNu5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 19:14:10 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2c888-5cfd3192c4545"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=21045
accept-ranges: bytes
content-type: text/javascript
content-length: 58379
expires: Fri, 10 Dec 2021 18:54:12 GMT

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 78C4 33 KB
10 KB 305ms
99ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

39215b12ffe5edfee3bea3957c61cd3b076e86fb93df8b73f7670e52cb7931ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:23:51 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61b2ac27-84cb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 11 Dec 2021 13:03:27 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame 5B17 34 KB
11 KB 394ms
192ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

10b3fbd4f1fb45308a5948e95573688279f1788e508d328db488698de503f634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61b2ac28-872b"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame 2356 38 KB
11 KB 386ms
190ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

26fe5d76a293acd3a13134e584d564f454df394bd8cb1f7ecbe8c42ef042ea58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 18:42:33 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61b0fc99-99ac"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 5 KB
2 KB 311ms
109ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 8ab6209ffb0c33d471844768d7deb2d508352f7de5d17a3108e6e86015e3019c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:03:27 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"12f4-N5KtV+ZaTO4wjmtmpalIs8qnlqU"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.techtimes.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 53ms
29ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41574041-1&cid=183067103.1639141407&jid=1233202037&_u=4GBAAUAAAAAAAC~&z=786936578

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41574041-1&cid=183067103.1639141407&jid=1233202037&_u=4GBAAUAAAAAAAC~&z=786936578

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.techtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.techtimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 183 KB
21 KB 657ms
642ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1947733296608470&correlator=893033401028425&output=ldjh&impl=fifs&eid=31061815%2C31063914%2C44755510&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211210&iu_parts=21697271410%2Ctechtimes%2Cpersonaltech%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C400x300%2C300x250%7C300x600%7C160x600%7C300x1050%2C300x250%7C300x600%7C160x600%2C728x90%2C1x1%2C1x1&ists=3&prev_scp=pos%3Dtop%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright2%26amznbid%3D2%26amznp%3D2%7Cpos%3Dright3%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbottom%26amznbid%3D2%26amznp%3D2%7Cpos%3Doop1%7Cpos%3Doop2&eri=1&cust_params=article_id%3D269195%26NoPassAN%3DN&cookie_enabled=1&bc=31&abxe=1&lmt=1639141407&dt=1639141407363&dlt=1639141406656&idt=338&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C1032%2C-9%2C-9%2C-9%2C0%2C165&adys=130%2C409%2C-9%2C-9%2C-9%2C4364%2C3613&adks=1577784758%2C3836433192%2C2595408385%2C3351343851%2C1583772871%2C1492474528%2C1492474529&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&ref=https%3A%2F%2Ft.co%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1270x0%7C403x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C836x0&msz=970x0%7C403x0%7C0x-1%7C0x-1%7C0x-1%7C1600x0%7C836x0&ga_vid=183067103.1639141407&ga_sid=1639141407&ga_hid=701275879&ga_fc=true&fws=0%2C0%2C2%2C2%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C-1%7C-1%7C-1%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

778c0fb72ec11a168e1e37fd98eb227a7c1b4e86e90e19179804398c7efc9c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21529
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.techtimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D29 6 KB
4 KB 53ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 10 Dec 2021 13:03:27 GMT
expires: Sat, 10 Dec 2022 13:03:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame F1B6 494 KB
150 KB 306ms
195ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: t.co
URL: https://t.co/M9AHoMYNu5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

b672c511634d28d06f4af43689cfbd80de42ad2e084cf0b94f59513a9da639fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 21:08:45 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"61b2705d-7b6c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 11 Dec 2021 13:03:27 GMT

POST
H2 200 response.json Show response
script.anura.io/ 80 B
429 B 128ms
88ms XHR
application/json 3.10.189.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1249184190139&callback=_anuraResFun&673676311697

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.189.237 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-189-237.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

68f391900a993fca7c61143ba0e84a40cfb33535a323f92f89dcb73bbb566ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H3 200 css
fonts.googleapis.com/ 21 KB
1 KB 31ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:39:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 13:03:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 13:03:27 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
622 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:36:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 13:03:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 13:03:27 GMT

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 527ms
166ms Script
text/plain 52.221.57.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.221.57.91 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-57-91.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 37ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167135943-23

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e138fbd4f9de9d6648f91ace871eef72251400d382e492349d4fdf3d3ed92b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36212
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:03:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 34ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167135943-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41574041-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ee11edf8bbd7ede5f389f2541e1caa5a27dc3ca4d52e28f41a180fa43f4e294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36237
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:03:27 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 527ms
181ms Script
application/javascript 44.238.136.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&ref=https%3A%2F%2Ft.co%2F
Requested by: Host: t.co
URL: https://t.co/M9AHoMYNu5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.136.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-136-108.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: cc1da6a947e7fde6ed8be4b0cb7fe039c99dbd72d8b65a4e9b23e9427a7cad2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
server: nginx/1.18.0
content-length: 3368
content-type: application/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
303 B 37ms
27ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1639141407646208398674&uniqId=17724&childs=1121456&niet=4g&nisd=false&jsv=es6&ref=https%3A%2F%2Ft.co%2F&cxurl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&pr=t.co&lu=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&sessionId=61b35020-0fe6d&pageView=1&pvid=17da470fb9eb96dec2c&site=703692&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb6ac65d81e5b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=701275879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=New%20Microsoft%20Outlook%20Phishing%20Scheme%20Allows%20Hackers%20to%20Pretend%20to%20be%20Your%20Boss%20%7C%20Tech%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=858856118&gjid=1495554849&cid=183067103.1639141407&tid=UA-167135943-23&_gid=1351738347.1639141407&_r=1&gtm=2ouc10&z=968401330

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 25ms
16ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 6666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TV9EGYWE00S199ZT
x-amz-id-2: PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb6ac66086a5b50-FRA
expires: Sat, 11 Dec 2021 13:03:27 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 37ms
28ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 6667
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6bb6ac66086c5b50-FRA
expires: Sat, 11 Dec 2021 13:03:27 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 40ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-167135943-23&cid=183067103.1639141407&jid=858856118&gjid=1495554849&_gid=1351738347.1639141407&_u=6GDAAUABAAAAAC~&z=1345812340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 13:03:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 155228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 17:56:19 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1119383/ 5 KB
2 KB 46ms
26ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119383/1?pv=5&cbuster=1639141407735827627225&uniqId=17724&childs=1121456&niet=4g&nisd=false&jsv=es6&w=836&h=484&p3_w=270&p3_h=217&maxw_3=270&maxh_3=217&cols=3&ref=https%3A%2F%2Ft.co%2F&cxurl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&pr=t.co&lu=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&sessionId=61b35020-0fe6d&pageView=1&pvid=17da470fb9eb96dec2c&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59167ed1c6e56203b9d212c7728dad13f11c3ff987bf15f94ec27f139d9167f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb6ac66792b5b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y0NWRiNzdiOTEzYjUyNjA0YzM3MDU2ZDIyOTgxYjUyLmpwZw.webp
s-img.mgid.com/g/4045276/492x277/0x51x564x376/ 23 KB
23 KB 55ms
27ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4045276/492x277/0x51x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y0NWRiNzdiOTEzYjUyNjA0YzM3MDU2ZDIyOTgxYjUyLmpwZw.webp?v=1639141407-D0FKLdrkkh_4wenQPUedG_ykuDJ0oeVZ2KN8mmptX7M
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6914a7893a64c33816f496cffa3d40d7b3d89784e70271f402707de20f942c04

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:57:16 GMT
x-mg-request-uuid: 7c553a15-9f3b-4a31-9afa-5f1ed92130a4
age: 659291
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb6ac66efa86977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23508
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp
s-img.mgid.com/g/8164907/492x277/0x119x501x334/ 23 KB
24 KB 47ms
19ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164907/492x277/0x119x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp?v=1639141407-vi5CBz74SaL1oVBl_u4qCuYtzwqOt5Qf1xMx91yyV5Y
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdfb3f0436bf28f56e88a7e8d60c6db1bd32c96fc76765c068222a5455b75038

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:43:49 GMT
x-mg-request-uuid: 61ece301-05c3-48da-8f32-a685cdcd5714
age: 1059792
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb6ac66efa96977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23682
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzYzMzZkODlkNzg3ZTBlZ...
s-img.mgid.com/g/11533328/492x277/-/ 8 KB
8 KB 59ms
31ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533328/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzYzMzZkODlkNzg3ZTBlZTkyMTAyZDU4ZDk0NmMyMzkuanBlZw.webp?v=1639141407-ZhkdhZ6PJ_URL1k5CRO0J2LyjyTw0Y0Cu6FwS4yo6yY
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad2552c6ea09bec42468a16ed08e7006907a4c2ea5d9428fe8ab686dc72a792

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:24:04 GMT
x-mg-request-uuid: 8bf6ece0-b602-4330-a0ff-77fb7efba074
age: 774853
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb6ac66efab6977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7772
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfOTgxLHlfMzEyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85ZWQ1Y...
s-img.mgid.com/g/11533472/492x277/-/ 21 KB
22 KB 60ms
32ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533472/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfOTgxLHlfMzEyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC85ZWQ1YmM2ODVhNWVlNmMyOTExYjc1YWY3OTI4MmQ1ZC5qcGVn.webp?v=1639141407-bpne_jkZ2oBTR28zFp76fSpe7zty0NsKsPkVyMDA2Lc
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5fe037d5163def0e82e4550d525ab5da055a39a2dd0502774c13b1dba1358f

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:35:10 GMT
x-mg-request-uuid: 9ebe1ca6-a40e-4ca1-8716-e69914156dd6
age: 777434
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb6ac66efaf6977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21866
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTcxLHlfNDc5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC9hODQ5O...
s-img.mgid.com/g/11533468/492x277/-/ 23 KB
23 KB 62ms
35ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533468/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTcxLHlfNDc5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC9hODQ5ODExOWViOGQzNWQ5Yjk2NDVjNTIzZjFhYTcxOS5qcGVn.webp?v=1639141407-dYqF9ZUFJEiZAvO7o3td9Bifrzsa3uP998drQIo6U1U
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f06f71ba2aabc2ad50b9f0043c6b6fa03fe8ec407265850aafaab6837258e201

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:35:08 GMT
x-mg-request-uuid: bdc242cc-381c-4c5d-8fcf-8eb176259216
age: 775805
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb6ac66efb16977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23584
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MxMjYyMzkwNzk1OGZkMWNmOThjYmEzMWRjMGE1YWE3LnBuZw.webp
s-img.mgid.com/g/3835483/492x277/47x0x619x412/ 10 KB
10 KB 52ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3835483/492x277/47x0x619x412/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MxMjYyMzkwNzk1OGZkMWNmOThjYmEzMWRjMGE1YWE3LnBuZw.webp?v=1639141407-UDoA2HKVPCD80yFn759UXONEMJNr4QU7sxkVE4frIJQ
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b9df5940bf747df2ada8582576b74021038700c551da10f08e54faed84857f

Request headers

Referer: https://www.techtimes.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:45 GMT
x-mg-request-uuid: 93088e45-378a-484c-946f-b33d4872481f
age: 5901283
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6bb6ac66efb56977-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9754
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 602619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:39:48 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
980 B 144ms
137ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1639141407839281536811
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aff5475b895a18689da76288c5b6d0950befe58e6f27c7d411fd166afed551b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac670a2c5b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame BC7A 19 B
216 B 130ms
130ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1639141407855484256611
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/e/techtimes.com.1119383.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac671a465b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F1AC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east

281 B
554 B

37ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1639141407839281536811
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Dec 2021 13:03:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Date: Fri, 10 Dec 2021 13:03:28 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 53D0 1 KB
885 B 104ms
25ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1639141407839281536811
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/

Response headers

Server: VertaMedia 1.0
Date: Fri, 10 Dec 2021 13:03:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://www.techtimes.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJhcnAyM1hGSTM1&muidn=lbarp23XFI35
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJhcnAyM1hGSTM1&muidn=lbarp23XFI35&google_tc=
https://cm.mgid.com/google?muidn=lbarp23XFI35&google_ula={guid},5&google_gid=CAESEKAN3x4mpECgt0JP4C3fD5g&google_cver=1

0
412 B

145ms
145ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=lbarp23XFI35&google_ula={guid},5&google_gid=CAESEKAN3x4mpECgt0JP4C3fD5g&google_cver=1
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bb6ac68be6a32b6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=lbarp23XFI35&google_ula={guid},5&google_gid=CAESEKAN3x4mpECgt0JP4C3fD5g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=a42f5852-9a80-462d-a793-544c86fad0bd

43 B
480 B

145ms
143ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=a42f5852-9a80-462d-a793-544c86fad0bd
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac6a58c332b6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=a42f5852-9a80-462d-a793-544c86fad0bd
date: Fri, 10 Dec 2021 13:03:28 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=lbarp23XFI35
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbarp23XFI35
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/f6e4538a-d856-41df-bdf4-053fb3f0d7b4?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/f6e4538a-d856-41df-bdf4-053fb3f0d7b4?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/f6e4538a-d856-41df-bdf4-053fb3f0d7b4?zcc=1&dspret=0&cb=1639141408196
https://sync.targeting.unrulymedia.com/csync/RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003

43 B
395 B

22ms
13ms

Image
image/gif

213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003
pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=334bd303-0175-4605-94de-b2f80adb6b29
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=334bd303-0175-4605-94de-b2f80adb6b29
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=b1ce91eb-5b29-4bc6-a646-128fd156a40e&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=334bd303-0175-4605-94de-b2f80adb6b29&gdpr=&gdpr_consent=&us_privacy=

43 B
465 B

165ms
164ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=334bd303-0175-4605-94de-b2f80adb6b29&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac694f5032b6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location: //cm.mgid.com/m?cdsp=433145&c=334bd303-0175-4605-94de-b2f80adb6b29&gdpr=&gdpr_consent=&us_privacy=
Date: Fri, 10 Dec 2021 13:03:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=a3dc8be8-02d6-4761-827e-1310971428e8

43 B
496 B

140ms
139ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=a3dc8be8-02d6-4761-827e-1310971428e8
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac6c2bc832b6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=a3dc8be8-02d6-4761-827e-1310971428e8
date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 175ms
108ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=lbarp23XFI35
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bb6ac686ddb549f-MAN
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 mw
mwzeom.zeotap.com/ 95 B
456 B 76ms
37ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=lbarp23XFI35&zpartnerid=1532&zdid=1532
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.techtimes.com
access-control-allow-credentials: true
cf-ray: 6bb6ac683d5f5a2b-MXP
access-control-allow-headers: *
content-length: 95

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=U18GWCkZSo9LrQo138CO&pi=mgid&tc=1

43 B
464 B

151ms
150ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=U18GWCkZSo9LrQo138CO&pi=mgid&tc=1
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac68ae6332b6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=U18GWCkZSo9LrQo138CO&pi=mgid&tc=1
pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT, Fri, 10 Dec 2021 13:03:28 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 161ms
84ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=lbarp23XFI35
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6bb6ac68fc6954a0-MAN
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&ttl=1641733408

43 B
480 B

148ms
148ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&ttl=1641733408
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bb6ac69c80932b6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&ttl=1641733408
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbarp23XFI35
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=2008398158947102516&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

34ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:03:28 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame DE96 189 KB
55 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 238595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:46:53 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DE96 13 KB
5 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 225472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 22:25:36 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DE96 89 KB
28 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 240417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:16:31 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DE96 5 KB
2 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 238579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:47:09 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DE96 40 KB
13 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 238597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:46:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DE96 3 KB
579 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:40:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 13:03:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 13:03:28 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE96 2 KB
3 KB 49ms
20ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 60492
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Dec 2021 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE96 295 B
757 B 36ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 26394
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 11 Dec 2021 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DE96 0
0 52ms
52ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaUE3H1CzYaTbGtCKrATHybi4Dtm4wYFnpO75rcQP2dkeEAEg3vWGhAFglfrwgYwHoAHU0NCXA8gBCakCuz1NvuDysj7gAgCoAwHIAwqqBPcCT9Dp74Bnd5dqcfjbeahMzJutKv-cX9IfbD9a1wMEoW1aw8UJw1utmDoJ2Eb47Kxc_rHdaxu3WwyEW4J0_HTCPWeaOR8xf6KMWtXeaB7IcfBB86uTVmpL63J3pr5Gf0Sd5FIls8CgJI-g1VRxk3eZjvcgaVvZvJLDMk_47J4UqCZXhyHbijfDLMfBsrzTsUPYzVeDATUq3orfyYNZZU-v_T7RVbN8HIe96IlLkptYKY63NMHA-go2HB5Ig1_VvAYbRtxn45nSQvFs2aapRoe7s9VXgLT0vSwfXlu0mpVjrZcJatpX4a6I_2ybu-3Kap6lBgK3T3X5RJ1SnD4sTH_3cLqk8aKDuAltHblwky5PGMnTk-c2MvQk8aG-zja3pyTb_-1LRef-He_YXiXcT9xVUGBsn2e7-8e5wR0mj8aiUisXIqKhBv4wunuMmLQ3AIsdbPfeu_MQZu-sN9mnY5qS2ESPGJ8GWzmHeWYIyUO8auom-leWCrmGwATovOSl6APgBAGSBQQIBBgBkgUECAUYBKAGLoAHy__cbKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOi8GNIICQiI4YBwEAEYHYAKA8gLAbgTiCfYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItNDk3MTk0OTQwMzYwMjUwORi-lWw&sigh=zQ6RJENm7ZM&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame ABC0 189 KB
54 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 238595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:46:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ABC0 13 KB
5 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 225472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 22:25:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ABC0 89 KB
28 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 240417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:16:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ABC0 5 KB
2 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 238579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:47:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame ABC0 40 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 238597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:46:51 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ABC0 2 KB
3 KB 50ms
20ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 60492
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 10 Dec 2021 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ABC0 295 B
353 B 42ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 26394
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 11 Dec 2021 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame ABC0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82a754c2cbeab639d0883d779b391a0d6c2f1c60872663821c316f1fc8be0824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4449270046923671534
tpc.googlesyndication.com/simgad/ Frame ABC0 25 KB
25 KB 43ms
13ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4449270046923671534?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql30oldXag-vRHrKJpqJb0iSZj8qw

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12d0779eb04ef8e9a262822a51ede0bc6ba06f641a7be57756c99134db3d63bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:50:08 GMT
x-content-type-options: nosniff
age: 177200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25120
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:52:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 11:50:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ABC0 0
0 39ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv9qLx_nZYRdY_X0D_4fH7_WiVDpsovwwffl49ovm3O3695Umr_VHTbwyZaMs0cHz6HPj2
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ABC0 0
0 57ms
57ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm_RwH1CzYaXbGtCKrATHybi4Dtm4wYFnmMj2quMO2dkeEAEg3vWGhAFglfrwgYwHoAHU0NCXA8gBAqkCuz1NvuDysj7gAgCoAwHIAwiqBPoCT9CSLKm8CskdySWXxJIlB7uiXtRG2B6GRIeSNFJQ1OFi6cr2oHGkn8-w4skuqVZeFNHwaZPnrddf5fvcmXFkeKKv3hu3ZQkYLf9te-vTBr4bmoQLyTjzFDdDak3mDaw2KwwG5EoNycbEU1slYZuZbq7NMTCxQhIyZLDh0sGdIsu9tFfNeyAkQfp-nUUYFexx0cAtnsKQ-uE6CWzXgCOgR1_F2EeiDZ1A7QB4jvdlOe4L-njDoLlxQ7HQ7SxqoKOiD6RTKy7JEqa2fXa1FIiBdqi-I6_jptxAqzowjKvlbuIlZQbjmxeRRXVGl4A5xNedqgIuWbplspqC4TjX6UiDGM_x8ELJpIHlXf6al8bytfBXjX7pfWx3YBJgDVeD3WDETacCa5NLDeX7OMr5B5wt7QaVCM66uXjJcLBY5aldT3m8k49AOc1illr5VXGCf_OsyaQNfooYh0Jj9FI4wqjpi_A37RPnwgMD3qqjpb7D9z7GDKRqTFpIhakUwATovOSl6APgBAGSBQQIBBgBkgUECAUYBKAGAoAHy__cbKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMO9K9IICQiI4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00OTcxOTQ5NDAzNjAyNTA5GL6VbA&sigh=lkZ53i-HSq0&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2444797888742274647/ Frame DE96 25 KB
25 KB 50ms
21ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2444797888742274647/downsize_200k_v1?w=600&h=314

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c986a60152177dd11bfcb455ac19eaf9bf266f06b6616faa11a57c3f0a242979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 09:47:31 GMT
x-content-type-options: nosniff
age: 184557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25836
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:41:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 09:47:31 GMT

GET
DATA 200
OK truncated
/ Frame DE96 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DE96 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a7c694a6f327e736c6522c8c15c3f1c83e4a07f35f4fd08d03a1a890b12b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DE96 21 KB
21 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 09:42:58 GMT
x-content-type-options: nosniff
age: 12030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 09:42:58 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DE96 21 KB
21 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techtimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 326522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 18:21:26 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F1AC 32 KB
10 KB 9ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5d22589e454272c090636fad101ece6cc46ac1409938d9922c559fe3f1592532

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:03:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21966
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9507
Expires: Fri, 10 Dec 2021 19:09:34 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame ABC0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

102ms
79ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Fri, 10 Dec 2021 13:03:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET csync
sync.adtelligent.com/ Frame 53D0 0
0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F1AC 284 B
536 B 34ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 535ms
175ms Script
application/javascript 54.201.251.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&ref=https%3A%2F%2Ft.co%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.201.251.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-201-251-82.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:36:36 GMT
server: nginx/1.18.0
etag: W/"1639067796.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Sat, 11 Dec 2021 01:03:28 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 519ms
172ms Script
application/javascript 52.33.45.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&ref=https%3A%2F%2Ft.co%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.45.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-45-76.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 80bf8d6552f807a6e883a432c0b50833936bbaacb6a2ec2696429a28986f2be6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:35:02 GMT
server: nginx/1.18.0
etag: W/"1639067702.0-26104-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Sat, 11 Dec 2021 01:03:28 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Dcd37a7bc-dedd-468d-807a-96882e89c79f%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&adnxs_id=2989042819961236972

43 B
564 B

230ms
230ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&adnxs_id=2989042819961236972
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sat, 11 Dec 2021 01:03:28 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:03:28 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1adfd184-ccbf-4a50-9fb9-02064f2625fc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&adnxs_id=2989042819961236972
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=cd37a7bc-dedd-468d-807a-96882e89c79f
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=cd37a7bc-dedd-468d-807a-96882e89c79f
https://ids.ad.gt/api/v1/t_match?tdid=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&id=cd37a7bc-dedd-468d-807a-96882e89c79f

43 B
569 B

526ms
204ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&id=cd37a7bc-dedd-468d-807a-96882e89c79f
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sat, 11 Dec 2021 01:03:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=ac454219-c3a6-49eb-a3ee-4345b3b21cdc&id=cd37a7bc-dedd-468d-807a-96882e89c79f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcd37a7bc-dedd-468d-807a-96882e89c79f
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dcd37a7bc-dedd-468d-807a-96882e89c79f
https://ids.ad.gt/api/v1/pbm_match?pbm=3199D1CF-F35D-4DEC-9330-F0F4EF9010B1&id=cd37a7bc-dedd-468d-807a-96882e89c79f

43 B
572 B

635ms
355ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=3199D1CF-F35D-4DEC-9330-F0F4EF9010B1&id=cd37a7bc-dedd-468d-807a-96882e89c79f
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sat, 11 Dec 2021 01:03:28 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=3199D1CF-F35D-4DEC-9330-F0F4EF9010B1&id=cd37a7bc-dedd-468d-807a-96882e89c79f
date: Fri, 10 Dec 2021 13:03:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=cd37a7bc-dedd-468d-807a-96882e89c79f
https://ids.ad.gt/api/v1/g_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&google_gid=CAESEIjRxPAPu00TfjkNjzJFIyY&google_cver=1&google_ula=450542624,0

43 B
572 B

575ms
201ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&google_gid=CAESEIjRxPAPu00TfjkNjzJFIyY&google_cver=1&google_ula=450542624,0
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sat, 11 Dec 2021 01:03:28 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&google_gid=CAESEIjRxPAPu00TfjkNjzJFIyY&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=cd37a7bc-dedd-468d-807a-96882e89c79f
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2QzN2E3YmMtZGVkZC00NjhkLTgwN2EtOTY4ODJlODljNzlm

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2QzN2E3YmMtZGVkZC00NjhkLTgwN2EtOTY4ODJlODljNzlm

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=Y2QzN2E3YmMtZGVkZC00NjhkLTgwN2EtOTY4ODJlODljNzlm
date: Fri, 10 Dec 2021 13:03:28 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Dcd37a7bc-dedd-468d-807a-96882e89c79f
https://ids.ad.gt/api/v1/mediamath_match?user_id=08ee61b3-501f-4700-9ae5-842cf1b4ca73&id=cd37a7bc-dedd-468d-807a-96882e89c79f

43 B
484 B

376ms
200ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=08ee61b3-501f-4700-9ae5-842cf1b4ca73&id=cd37a7bc-dedd-468d-807a-96882e89c79f
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sat, 11 Dec 2021 01:03:28 GMT

Redirect headers

Date: Fri, 10 Dec 2021 13:03:28 GMT
Server: MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=08ee61b3-501f-4700-9ae5-842cf1b4ca73&id=cd37a7bc-dedd-468d-807a-96882e89c79f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 10 Dec 2021 13:03:27 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3Dcd37a7bc-dedd-468d-807a-96882e89c79f%26sas_uid%3D%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&sas_uid=[sas_uid]&cklb=1

0
75 B

17ms
17ms

Image
text/plain

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&sas_uid=[sas_uid]&cklb=1
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:27 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&sas_uid=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 10 Dec 2021 13:03:27 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
238 B 31ms
15ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Dcd37a7bc-dedd-468d-807a-96882e89c79f
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639141409.517339,VS0,VE9
x-served-by: cache-fra19150-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
652 B 202ms
201ms Image
image/gif 52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=cd37a7bc-dedd-468d-807a-96882e89c79f&halo_id=0201ytsvzn07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Sat, 11 Dec 2021 01:03:28 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 546ms
178ms Script
text/plain 54.189.240.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=a93fd1fa7ac5c0e4e32ba49169e553c4&url=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.240.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-240-181.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Dec 2021 13:03:29 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: dYN0ZENfEPzqeDp6FTgBfXH2b5MepqGIbWoU52RJNbHHIMN52tCNUsF88X6ooKrwXDCzsTC6N0zpbaH9WlhLlw==
x-frame-options: DENY
date: Fri, 10 Dec 2021 13:03:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Dec 2021 13:30:09 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 12:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Dec 2021 13:57:40 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
306 B 44ms
21ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201ytsvzn07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Dcd37a7bc-dedd-468d-807a-96882e89c79f
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:28 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
89 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c0753b80f96f60556cccd81454bfb243d399f4f4e550fc00389b5d02805ddd18

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90715
x-xss-protection: 0
pragma: public
x-fb-debug: RBgTOZUtGgL/B4zl2ppmgFUhyUaKcNijIK7HNgyVZnhTcSruahaWUQz+pJixZ6rkczix04MMSgR6rcMiTvihgQ==
x-frame-options: DENY
date: Fri, 10 Dec 2021 13:03:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.techtimes.com%2Farticles%2F269195%2F20211209%2Fnew-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1639141408832&cd[partner_id]=251&cd[tagger_id]=a93fd1fa7ac5c0e4e32ba49169e553c4&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639141408831.138464232&it=1639141408794&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 10 Dec 2021 13:03:28 GMT

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 105ms
105ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.techtimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 10 Dec 2021 13:03:29 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame ABC0 42 B
497 B 70ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOHBkVwgA-06WsJr_ovXX7ysojozSTxuo48cwdJeqD5wDy5_zKEDvl1nw-PTBjRGgDz-ijtmM31UuW0rAg-qh1HhZRaGnVUoPSg7saXhw1tmzUd0tyTA&sai=AMfl-YTEPgcI3D421sm9MUCLJWcahecjbAxCVoAFyjiOn6-IfogBeVz_Gawx1penSW5MEovnFOpvgywWLAojhhjqNmR8Ia67TDODvWk6fuXqXZHnjKYOWjcVhZ_gyaWngykO&sig=Cg0ArKJSzPsqu_wiLikuEAE&cid=CAASPeRoGUrqsfnNN71mYsR6lOgkMGAA9x4H4dK8BaorDnj4GVrLLW40JQ2WtcoZ5D6G15XrFzZQcFn0J-zX5zU&id=ampim&o=1083,624&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=111&tls=1111&g=95.99999785423279&h=95.99999785423279&tt=1112&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3836433192

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DE96 42 B
108 B 59ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjGsb3EPTzySvZ5dsOrPE1Q9dn2xBaPKGXQXGbAVTNinNw7WYvU20UxLWvvD4DIcWg-o12sfBSj8EacXa0ua3TCXQ9WH46xM299Byw2DyHh_Zf0rI9Uw&sai=AMfl-YS8cbDBJS_aU805fDRzCqIUzw5_e_fcEgadElcEaGiXHAy0FKi0dohBdhqDav7QQKSa6mlSbhyn6raNLTm4Sc3zBtFkK1JlERQJ-0BvmqKOPWSwDDla5qS2-5KO6pLa&sig=Cg0ArKJSzG3GgzY2n2Q_EAE&cid=CAASPeRoUXreRliV_GJcT3KftXOuZajjlXvZ_Mbt2x6g7IsS-cOuWW5ssxdDpGv7vCa7aj-Agk9sEV58F_VU-MA&id=ampim&o=315,130&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=103&tls=1103&g=100&h=100&tt=1103&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1577784758

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:03:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DBF4 0
18 B 19ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.techtimes.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.techtimes.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 10 Dec 2021 13:03:29 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
474 B 63ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?a=true&partnerId=38&userId=

Requested by

Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:03:30 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D&s=185073&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YbNQIl6ba-H2LHp4-yIOuQAA%261217

0
44 B

100ms
99ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YbNQIl6ba-H2LHp4-yIOuQAA%261217
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:30 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:03:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YbNQIl6ba-H2LHp4-yIOuQAA%261217
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 293
Expires: Fri, 10 Dec 2021 13:03:30 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8

0
44 B

98ms
97ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8
Requested by: Host: www.techtimes.com
URL: https://www.techtimes.com/articles/269195/20211209/new-microsoft-outlook-phishing-scheme-microsoft-outlook-hackers-microsoft-outlook-pretend-to-be-your-boss.htm
Protocol: H2
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.techtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:03:30 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8
date: Fri, 10 Dec 2021 13:03:30 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 16:50:13	Name: muc Value: 34a52b35-85fb-4e81-9aba-51d0336416b3
.t.co/	1970-01-20 16:50:13	Name: muc_ads Value: 34a52b35-85fb-4e81-9aba-51d0336416b3
.mgid.com/	1970-01-19 23:19:03	Name: __cf_bm Value: moAeKfjqRX8bFMmFp54ydtchbBBzpb._dqhDRWQkC0g-1639141406-0-Aa3F2UlqnQ6VxGWxmebzGgidL4CiRnvJflbBjomfBm5JsIbCGJ0Fu5xpl3fh6bSlMBBN5VEjf2y5pUjtVmI+Ixg=
.scorecardresearch.com/	1970-01-20 16:35:49	Name: UID Value: 1BRPS8CI70OFQLGQFUGFDBg1639141407
.quantserve.com/	1970-01-20 08:49:15	Name: mc Value: 61b3501f-12748-8d721-70508
.techtimes.com/	1970-01-20 00:02:13	Name: 0671504c615efb6e7d264fa5c254d4de Value: MmNlMTU2NzQ0Y2NkZmVmZmQ1NjAzYjcyMzJjYTc3NmM%3D
.techtimes.com/	1970-01-19 23:19:02	Name: ce4529430e5975f217b8dd05a984cd7b Value: MQ%3D%3D
.techtimes.com/	1970-01-20 01:28:37	Name: _referrer_og Value: https%3A%2F%2Ft.co%2F
.techtimes.com/	1970-01-19 23:19:02	Name: _first_pageview Value: 1
.techtimes.com/	1970-01-20 08:04:37	Name: _jsuid Value: 2159106934
.techtimes.com/	1970-01-20 08:43:30	Name: __qca Value: P0-465438703-1639141407031
.techtimes.com/	1970-01-20 16:50:13	Name: _ga Value: GA1.2.183067103.1639141407
.techtimes.com/	1970-01-19 23:20:27	Name: _gid Value: GA1.2.1351738347.1639141407
.techtimes.com/	1970-01-19 23:19:01	Name: _gat_gtag_UA_41574041_1 Value: 1
e.serverbid.com/	1970-01-20 08:04:37	Name: azk Value: ue1-sb1-5a11611d-ba0d-4149-87b5-561d3b6b43de
in.getclicky.com/	1970-01-20 08:04:37	Name: cluid Value: 2159106934
.techtimes.com/	1970-01-19 23:19:01	Name: _gat_gtag_UA_167135943_23 Value: 1
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lbarp23XFI35
servicer.mgid.com/	1970-01-19 23:19:02	Name: __mglb Value: 4aae4d8c393f422d100aefd60785b084
www.techtimes.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1119383%22%3A%7B%22page%22%3A1%2C%22time%22%3A1639141407796%7D%7D
.bidswitch.net/	1970-01-20 08:04:37	Name: c Value: 1639141408
.bidswitch.net/	1970-01-20 08:04:37	Name: tuuid_lu Value: 1639141408
.techtimes.com/	1970-01-20 08:40:37	Name: __gads Value: ID=8810706241d7c471-22fecbf203cd008d:T=1639141407:S=ALNI_MbgrIzLW6Ct4UvUcM_PhcZS1GhdWA
.bidswitch.net/	1970-01-20 08:04:37	Name: tuuid Value: 334bd303-0175-4605-94de-b2f80adb6b29
.creativecdn.com/	1970-01-20 08:04:37	Name: u Value: U18GWCkZSo9LrQo138CO
.creativecdn.com/	1970-01-20 08:04:37	Name: ts Value: 1639141408
.zeotap.com/	1970-01-20 08:04:37	Name: zc Value: f805a199-095a-41f5-49a4-c297bb7ae857
.volvelle.tech/	1970-01-20 08:04:37	Name: ouuid Value: b1ce91eb-5b29-4bc6-a646-128fd156a40e
.volvelle.tech/	1970-01-20 08:04:37	Name: c Value: 1639141408
.volvelle.tech/	1970-01-20 08:04:37	Name: ouuid_lu Value: 1639141408
.ad.gt/	1970-01-20 16:50:13	Name: au_id Value: cd37a7bc-dedd-468d-807a-96882e89c79f
.ad.gt/	1970-01-19 23:20:27	Name: au_idmatch Value: {"apn": "2021-12-10", "ttd": "2021-12-10", "pub": "2021-12-10", "adx": "2021-12-10", "halo": "2021-12-10", "goo": "2021-12-10", "mediamath": "2021-12-10", "smart": "2021-12-10", "taboola": "2021-12-10"}
.doubleclick.net/	1970-01-20 08:40:37	Name: IDE Value: AHWqTUmVobWO0a1VvPc-JLA1twYsNafN7iowEWDUrU0JHbjqeu04s_ln1th-71ZFoxA
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: lbarp23XFI35
.e-volution.ai/	1970-01-19 23:39:11	Name: v_usr Value: 8335480e-b4f0-46f6-a58f-8604e45103a5
.1rx.io/	1970-01-20 08:04:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003%22%7D
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: lbarp23XFI35
.adsrvr.org/	1970-01-20 08:04:37	Name: TDID Value: ac454219-c3a6-49eb-a3ee-4345b3b21cdc
.targeting.unrulymedia.com/	1970-01-20 08:04:37	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-22d26b7d-286e-4c37-8c35-ec4d6e889fc6-003%22%7D
.adsrvr.org/	1970-01-20 08:04:37	Name: TDCPM Value: CAEYBSABKAIyCwjA9dGIhvqdOhAFOAE.
.pubmatic.com/	1970-01-20 01:28:37	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 01:28:37	Name: KADUSERCOOKIE Value: 3199D1CF-F35D-4DEC-9330-F0F4EF9010B1
.360yield.com/	1970-01-20 01:28:37	Name: tuuid Value: a42f5852-9a80-462d-a793-544c86fad0bd
.360yield.com/	1970-01-20 01:28:37	Name: tuuid_lu Value: 1639141408
.doubleclick.net/	1970-01-19 23:19:05	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 08:44:56	Name: uuid Value: 08ee61b3-501f-4700-9ae5-842cf1b4ca73
.mfadsrvr.com/	1970-01-20 16:50:13	Name: tuuid Value: a3dc8be8-02d6-4761-827e-1310971428e8
.mfadsrvr.com/	1970-01-20 16:50:13	Name: c Value: 1639141408
.mfadsrvr.com/	1970-01-20 16:50:13	Name: tuuid_lu Value: 1639141408
.smartadserver.com/	1970-01-20 08:49:15	Name: pid Value: 2008398158947102516
.adnxs.com/	1970-01-20 01:28:37	Name: uuid2 Value: 2989042819961236972
.mfadsrvr.com/	1970-01-20 16:50:13	Name: ssh Value: !mgid,1639141408
.ad.gt/	1970-01-20 16:50:13	Name: last_seeng_hosted Value: 1639141408689
.ad.gt/	1970-01-20 16:50:13	Name: g_hosted Value:
cm.mgid.com/	1970-01-20 00:02:13	Name: mg_sync Value: {"287839":1639141408,"433145":1639141408,"665953":1639141408}
.ad.gt/	1970-01-20 16:50:13	Name: last_seenmediamath Value: 1639141408707
.ad.gt/	1970-01-20 16:50:13	Name: user_id Value: 08ee61b3-501f-4700-9ae5-842cf1b4ca73
.ad.gt/	1970-01-20 16:50:13	Name: last_seenadx Value: 1639141408707
.ad.gt/	1970-01-20 16:50:13	Name: google_gid Value: CAESEIjRxPAPu00TfjkNjzJFIyY
.ad.gt/	1970-01-20 16:50:13	Name: first_seenadx Value: 1639141408707
.ad.gt/	1970-01-20 16:50:13	Name: last_seentd Value: 1639141408710
.ad.gt/	1970-01-20 16:50:13	Name: tdid Value: ac454219-c3a6-49eb-a3ee-4345b3b21cdc
.ad.gt/	1970-01-20 16:50:13	Name: first_seentd Value: 1639141408710
.techtimes.com/	1970-01-20 01:28:37	Name: _fbp Value: fb.1.1639141408831.138464232
.ad.gt/	1970-01-20 16:50:13	Name: last_seenpbm Value: 1639141408711
.ad.gt/	1970-01-20 16:50:13	Name: pbm Value: 3199D1CF-F35D-4DEC-9330-F0F4EF9010B1
.ad.gt/	1970-01-20 16:50:13	Name: first_seenpbm Value: 1639141408711
.ad.gt/	1970-01-20 16:50:13	Name: last_seenadnxs Value: 1639141408825
.ad.gt/	1970-01-20 16:50:13	Name: adnxs_id Value: 2989042819961236972
.ad.gt/	1970-01-20 16:50:13	Name: first_seenadnxs Value: 1639141408825
.ad.gt/	1970-01-20 16:50:13	Name: last_seenhaloid Value: 1639141408864
.ad.gt/	1970-01-20 16:50:13	Name: halo_id Value: 0201ytsvzn07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 16:50:13	Name: first_seenhaloid Value: 1639141408865
.advertising.com/	1970-01-20 08:06:03	Name: APID Value: UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8
.yahoo.com/	1970-01-20 08:04:59	Name: A3 Value: d=AQABBCJQs2ECEASV0pmBWzQ0onMpcsXBqh4FEgEBAQGhtGG9YQAAAAAA_eMAAA&S=AQAAAouXOyhA5WrPCvyPx0k770A
.analytics.yahoo.com/	1970-01-20 08:06:03	Name: IDSYNC Value: 17ot~220d
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP92858b2a-59b9-11ec-bbbe-0600aff3ffc8
.yahoo.com/	1970-01-19 23:20:27	Name: APIDTS Value: 1639141410
.casalemedia.com/	1970-01-20 08:04:37	Name: CMID Value: YbNQIl6ba-H2LHp4-yIOuQAA
.casalemedia.com/	1970-01-20 01:28:37	Name: CMPS Value: 5222
.casalemedia.com/	1970-01-20 01:28:37	Name: CMPRO Value: 1217
.casalemedia.com/	1970-01-19 23:20:27	Name: CMST Value: YbNQImGzUCIA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://script.anura.io/request.js?instance=2238638024&source=techtimes&campaign=personaltech%2Farticles&exid=anura_techtimes_1249184190139&callback=_anuraResFun&673676311697(Line 14) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1111210941.rsc.cdn77.org
1734811051.rsc.cdn77.org
a.ad.gt
a.volvelle.tech
ad.360yield.com
ads.anura.io
ads.pubmatic.com
adservice.google.com
adservice.google.de
aufp.io
c.amazon-adsystem.com
c.mgid.com
cdn.ampproject.org
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
code.jquery.com
connect.facebook.net
creativecdn.com
d02a2656d53cc29d7e5c72f32e80094e.safeframe.googlesyndication.com
e.serverbid.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.brainlyads.com
ids.ad.gt
image2.pubmatic.com
in.getclicky.com
jsc.mgid.com
match.adsrvr.org
mwzeom.zeotap.com
p.ad.gt
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.zprk.io
pixels.ad.gt
powerad.ai
reporting.powerad.ai
rtb-usw.mfadsrvr.com
rules.quantcount.com
s-img.mgid.com
s.adtelligent.com
sb.scorecardresearch.com
script.anura.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stat.techtimes.com
static.getclicky.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.go.sonobi.com
sync.mathtag.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
t.co
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
usermatch.targeting.unrulymedia.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.techtimes.com
x.bidswitch.net
sync.adtelligent.com
104.109.78.125
104.16.199.73
104.19.136.78
104.19.216.61
104.244.42.133
104.92.74.8
109.206.161.21
13.32.29.201
13.35.253.20
13.35.253.28
134.209.129.254
142.250.184.226
142.250.185.130
178.162.133.149
18.194.61.148
18.211.226.152
185.184.8.65
185.29.132.245
185.33.220.243
185.64.189.110
185.86.139.113
198.145.13.12
199.187.193.181
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:1a
213.19.147.44
23.20.158.212
2600:9000:211e:1600:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700::6810:135e
2606:4700::6810:a010
2606:4700::6812:bcf
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a02:6ea0:c700::11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.10.189.237
3.122.145.244
3.126.56.137
3.33.220.150
34.98.77.41
35.190.31.133
35.210.178.101
35.212.212.222
35.244.159.8
44.238.136.108
52.221.57.91
52.33.45.76
52.42.90.222
54.189.240.181
54.201.251.82
54.217.138.163
54.234.151.247
69.173.144.139
69.173.144.165
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08895426c0d9a9330b4b4988d244fb0f964082f78b8a929db01792481c508e49
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cded5abecd6e37aa706cf2c3207922d78c1facfb7c1dc12110e4002d8f015a6
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10b3fbd4f1fb45308a5948e95573688279f1788e508d328db488698de503f634
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d0779eb04ef8e9a262822a51ede0bc6ba06f641a7be57756c99134db3d63bb
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1ad2552c6ea09bec42468a16ed08e7006907a4c2ea5d9428fe8ab686dc72a792
23413106d770fec06e0ee4497b3883b1bb44972825508ff196b36688cfc78f96
26fe5d76a293acd3a13134e584d564f454df394bd8cb1f7ecbe8c42ef042ea58
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2e138fbd4f9de9d6648f91ace871eef72251400d382e492349d4fdf3d3ed92b7
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33851a12c3b5ffed46a71d26c2e99cdfcf5ccf5267dcb26c0439f505bdf52161
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39215b12ffe5edfee3bea3957c61cd3b076e86fb93df8b73f7670e52cb7931ad
3b8335584dc20e76aefdc26f790298035907b773743eba0b03277b95a868d59e
3c79d4b86db3737f4e38a31b50c74de1208efbb7d4ec99055221c293c545e876
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4295a34f0395dfae8f8c9e24f12de869d9f7cadd1853f4888c09fba2cce1ca8d
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d6c0441395a79f993612963489cf57d905fd2e938df3847cb5aa4595ac8e75b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
549112bc130160ae62719497e057e28f50879c18d927de9b411255a20270ba0d
55937ee52d6d7e8746015398bf3a77e7a3d0c62c622766b9707402368d3181bc
564909ae57a774bce3a438e2df0cbe3f8794d33acf6715625e87cb06bfa31908
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59167ed1c6e56203b9d212c7728dad13f11c3ff987bf15f94ec27f139d9167f7
5b20151a1f3855739a388f05074c181072566416c06693a7d8c8fddacbd157f9
5d22589e454272c090636fad101ece6cc46ac1409938d9922c559fe3f1592532
5d5ee54d8325576c1daaeb7d00b56ec6d7059272ff3ead2004baadd5df3e296f
5ee11edf8bbd7ede5f389f2541e1caa5a27dc3ca4d52e28f41a180fa43f4e294
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
66e06f757742d1dcb78175c4bedb462e62a0db88defe1f6d5d9331626236846f
66ea91a01b97feca3757a3ff16e3782973b559b2d4cbe79f7704e91607f9aa47
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68f391900a993fca7c61143ba0e84a40cfb33535a323f92f89dcb73bbb566ddf
6914a7893a64c33816f496cffa3d40d7b3d89784e70271f402707de20f942c04
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7270d9c019108944b8be69eaa63b3da137f962037f7b1250191f09eff17d9afc
73d41206cbf66f2ff81234c0c9bf22df97dcf2bf2d7968bf78184fd628188cfb
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
778c0fb72ec11a168e1e37fd98eb227a7c1b4e86e90e19179804398c7efc9c56
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ad3ff657f32032ef8efa653730c135bd6aab764db571b1de66d295ec10c81ac
7d63301e1e91a0ceaa150d83c6e934aec86ac07a7c52454b95ad8cdf5bc2f98f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80bf8d6552f807a6e883a432c0b50833936bbaacb6a2ec2696429a28986f2be6
82a754c2cbeab639d0883d779b391a0d6c2f1c60872663821c316f1fc8be0824
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549d67106a040b4415c3509b8a0e7531a8f229aede90ec28f4ee5f293a0763d
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8750187f16dcb19202cff742df5d2446fcefbe7e4c1bcbe5ea04492af993b183
87a7c694a6f327e736c6522c8c15c3f1c83e4a07f35f4fd08d03a1a890b12b97
89103804e454c445843fabd34ee79f06dae6a371c517bff35f9a743522915ff4
8ab6209ffb0c33d471844768d7deb2d508352f7de5d17a3108e6e86015e3019c
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
94b5e675543ee761468c8ac40ec193ed58cafb0190f4e1384c77d1beb561c51c
95222abbd5c0db5255924fda456547c584f2d4738fb691f0238706032ac47bda
9751f0e58ee1b5a83930fa22bf3b4562a3dd3d0424d2adb17423cc38d5cb847f
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99a5efd3d1c088c308da63f299791db08c40cf8e1da421f30399ce8a9bed36ab
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3ca49bbe2a311e6c93b0eb397a48c07bb9a292579f95c049cf3d6b9ad2d541c
a47dd84c443a0a91a9d2c7a9a6d9d6dc55ac9652c64c108edb76c61fff400abd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b9df5940bf747df2ada8582576b74021038700c551da10f08e54faed84857f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a969f23d2a86a8fbe27e34999a42c0aae9d7b7c46f33113e040cf123077c5a8b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff5475b895a18689da76288c5b6d0950befe58e6f27c7d411fd166afed551b9
b0527357ce7e9ec270c662aee9d20ab3010765e0451ba13738e8ddac201196ef
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2cf31ca947be6dd3ff318d66b2a6eb397f2311490ea939ed9a663c7d5e729a4
b37528b8edfca9b4c56e243195e0f48b6a83878d30dca3c4eb67e530ad3b4428
b58f685b90899ea4b9295454b2165f68658e71155e5b7f5b1f6462e440625674
b672c511634d28d06f4af43689cfbd80de42ad2e084cf0b94f59513a9da639fb
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
bc5fe037d5163def0e82e4550d525ab5da055a39a2dd0502774c13b1dba1358f
bdfb3f0436bf28f56e88a7e8d60c6db1bd32c96fc76765c068222a5455b75038
c0753b80f96f60556cccd81454bfb243d399f4f4e550fc00389b5d02805ddd18
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
c986a60152177dd11bfcb455ac19eaf9bf266f06b6616faa11a57c3f0a242979
c98bd18f179f197055e6e013077e15f2f4771639dbdcd1407486c27d70b4ac4f
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1da6a947e7fde6ed8be4b0cb7fe039c99dbd72d8b65a4e9b23e9427a7cad2d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc495f93761edfb31e77239c3eaa44ed1a866608e1c360252216d81aaadfd84d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8dd70713902ab397e5940183ee68379ce95ad0f13079821364d10a036bbbd06
eaa1d2a49cd9fb20ef40d866d1deecabee82db7146e40de17753c145bd557ea3
ec928563715656ae5bdf56bcc7215a4d1723c52158709bc2cc36e02af142d089
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06f71ba2aabc2ad50b9f0043c6b6fa03fe8ec407265850aafaab6837258e201
f1f8e52f3acb8c8ab4998465bbe11b70f7384ecd29c8f6450c9228a6ca2d0a65
f45530ee93fe1451632f4c4da09ff7b9dcbbe6a64f2ae824c058c78fababd34c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdc0a0b1a5fe2f85e31f3d8e1a111fcbe751ecd6ae2b14a4eaef8111e116d179
fea59495c3c3a9bd857bf9d1496912323867fdfc7569a54e0e537303fa2113f2

www.techtimes.com Open in urlscan Pro 34.98.77.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

170 Requests

86 %HTTPS

36 %IPv6

55 Domains

83 Subdomains

58 IPs

10 Countries

1983 kBTransfer

5088 kBSize

82 Cookies

17 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.techtimes.com Open in urlscan Pro
34.98.77.41 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

86 %
HTTPS

36 %
IPv6

55
Domains

83
Subdomains

58
IPs

10
Countries

1983 kB
Transfer

5088 kB
Size

82
Cookies

170 HTTP transactions
0 data transactions