urlscan.io logo urlscan.io
SecurityTrails logo

www.tomshardware.com Open in urlscan Pro
104.111.219.119  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Submission: On September 13 via manual from MO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 7 countries across 30 domains to perform 122 HTTP transactions. The main IP is 104.111.219.119, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.tomshardware.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 16th 2019. Valid for: a year.
This is the only time www.tomshardware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
44 104.111.219.119 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.10 20446 (HIGHWINDS3)
1 185.113.25.52 20596 (FUTURE)
2 185.113.25.53 20596 (FUTURE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (HIGHWINDS3)
3 23.77.209.151 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.198 15169 (GOOGLE)
4 184.31.86.25 20940 (AKAMAI-ASN1)
1 2600:9000:205... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 13.35.254.37 16509 (AMAZON-02)
1 5 104.111.214.103 16625 (AKAMAI-AS)
1 2 54.194.74.162 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.210.2 15169 (GOOGLE)
1 52.206.106.171 14618 (AMAZON-AES)
1 2.16.186.243 20940 (AKAMAI-ASN1)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2600:9000:205... 16509 (AMAZON-02)
2 13.35.253.27 16509 (AMAZON-02)
1 94.31.29.96 33438 (HIGHWINDS2)
1 2 18.196.132.129 16509 (AMAZON-02)
2 104.109.80.105 20940 (AKAMAI-ASN1)
2 52.20.187.229 14618 (AMAZON-AES)
1 1 35.186.255.8 15169 (GOOGLE)
1 35.190.92.63 15169 (GOOGLE)
1 185.113.25.54 20596 (FUTURE)
1 35.157.148.50 16509 (AMAZON-02)
1 52.28.51.75 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
1 54.171.193.248 16509 (AMAZON-02)
2 151.101.14.2 54113 (FASTLY)
122 41
44    104.111.219.119 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-219-119.deploy.static.akamaitechnologies.com
www.tomshardware.com
assets.purch.com
img.purch.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
pixel.servebom.com
1    185.113.25.52 (United Kingdom)

ASN20596 (FUTURE, GB)
PTR: vif13.web.future.net.uk
widgets.future-fie-assets.co.uk
2    185.113.25.53 (United Kingdom)

ASN20596 (FUTURE, GB)
PTR: vif10.web.future.net.uk
gizmos.future-price.co.uk
widgets.future-fie.co.uk
4    2606:4700::6810:243f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
onesignal.com
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
ads.servebom.com
3    23.77.209.151 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-77-209-151.deploy.static.akamaitechnologies.com
privacy.purch.com
3    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
13    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    172.217.16.198 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f6.1e100.net
ad.doubleclick.net
4    184.31.86.25 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-86-25.deploy.static.akamaitechnologies.com
ws.sharethis.com
1    2600:9000:2057:3600:16:876:8540:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ss.sharethis.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    13.35.254.37 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-37.fra6.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
5    104.111.214.103 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    54.194.74.162 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-74-162.eu-west-1.compute.amazonaws.com
secure-us.imrworldwide.com
1    2a02:26f0:6c00:196::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
3    2600:9000:2057:2400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
1    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
4    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
1    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    52.206.106.171 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-106-171.compute-1.amazonaws.com
srv-2019-09-13-01.config.parsely.com
1    2.16.186.243 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-243.deploy.static.akamaitechnologies.com
c.sharethis.mgr.consensu.org
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2600:9000:2057:dc00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
vendorlist.consensu.org
2    13.35.253.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-27.fra6.r.cloudfront.net
audit.quantcast.mgr.consensu.org
1    94.31.29.96 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.96.IPYX-077437-ZYO.above.net
dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com
2    18.196.132.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-132-129.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    104.109.80.105 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-80-105.deploy.static.akamaitechnologies.com
t.sharethis.com
2    52.20.187.229 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-187-229.compute-1.amazonaws.com
srv-2019-09-13-01.pixel.parsely.com
1    35.186.255.8 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 8.255.186.35.bc.googleusercontent.com
bounceexchange.com
1    35.190.92.63 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 63.92.190.35.bc.googleusercontent.com
tag.bounceexchange.com
1    185.113.25.54 (United Kingdom)

ASN20596 (FUTURE, GB)
PTR: vif09.web.future.net.uk
search-api.fie.future.net.uk
1    35.157.148.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-148-50.eu-central-1.compute.amazonaws.com
iris.tomshardware.com
1    52.28.51.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-51-75.eu-central-1.compute.amazonaws.com
www.summerhamster.com
1    35.190.59.101 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
1    54.171.193.248 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-193-248.eu-west-1.compute.amazonaws.com
ramp.purch.com
2    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
Apex Domain
Subdomains		 Transfer
37 tomshardware.com
www.tomshardware.com
iris.tomshardware.com
282 KB
13 google-analytics.com
www.google-analytics.com
20 KB
12 purch.com
assets.purch.com
privacy.purch.com
img.purch.com
ramp.purch.com
69 KB
9 sharethis.com
ws.sharethis.com
ss.sharethis.com
l.sharethis.com
t.sharethis.com
46 KB
7 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
c.sharethis.mgr.consensu.org
vendorlist.consensu.org
audit.quantcast.mgr.consensu.org
117 KB
6 doubleclick.net
ad.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
60 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
4 onesignal.com
cdn.onesignal.com
onesignal.com
60 KB
3 parsely.com
srv-2019-09-13-01.config.parsely.com
srv-2019-09-13-01.pixel.parsely.com
1 KB
3 facebook.net
connect.facebook.net
120 KB
3 gstatic.com
fonts.gstatic.com
41 KB
2 taboola.com
cdn.taboola.com
142 KB
2 bounceexchange.com
bounceexchange.com
tag.bounceexchange.com
287 B
2 facebook.com
www.facebook.com
324 B
2 imrworldwide.com
secure-us.imrworldwide.com
844 B
2 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
18 KB
2 servebom.com
pixel.servebom.com
ads.servebom.com
97 KB
1 skimresources.com
r.skimresources.com
366 B
1 summerhamster.com
www.summerhamster.com
181 B
1 future.net.uk
search-api.fie.future.net.uk
27 KB
1 netdna-ssl.com
dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com
15 KB
1 google.com
adservice.google.com
171 B
1 google.de
adservice.google.de
171 B
1 future-fie.co.uk
widgets.future-fie.co.uk
7 KB
1 googletagservices.com
www.googletagservices.com
12 KB
1 optimizely.com
cdn.optimizely.com
39 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 future-price.co.uk
gizmos.future-price.co.uk
43 KB
1 future-fie-assets.co.uk
widgets.future-fie-assets.co.uk
19 KB
1 googleapis.com
fonts.googleapis.com
705 B
122 30
Domain Requested by
36 www.tomshardware.com www.tomshardware.com
13 www.google-analytics.com 1 redirects widgets.future-fie-assets.co.uk
www.google-analytics.com
www.tomshardware.com
6 assets.purch.com www.tomshardware.com
assets.purch.com
5 sb.scorecardresearch.com 1 redirects www.tomshardware.com
www.googletagmanager.com
cdn.taboola.com
4 stats.g.doubleclick.net www.tomshardware.com
4 ws.sharethis.com www.tomshardware.com
ws.sharethis.com
3 connect.facebook.net www.tomshardware.com
connect.facebook.net
3 fonts.gstatic.com www.tomshardware.com
3 privacy.purch.com www.tomshardware.com
2 cdn.taboola.com www.tomshardware.com
cdn.taboola.com
2 srv-2019-09-13-01.pixel.parsely.com www.tomshardware.com
2 t.sharethis.com ws.sharethis.com
t.sharethis.com
2 l.sharethis.com 1 redirects www.tomshardware.com
2 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
2 www.facebook.com www.tomshardware.com
connect.facebook.net
2 img.purch.com www.tomshardware.com
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 onesignal.com cdn.onesignal.com
2 secure-us.imrworldwide.com 1 redirects www.tomshardware.com
2 d1z2jf7jlzjs58.cloudfront.net www.tomshardware.com
d1z2jf7jlzjs58.cloudfront.net
2 cdn.onesignal.com www.tomshardware.com
cdn.onesignal.com
1 ramp.purch.com www.tomshardware.com
1 r.skimresources.com gizmos.future-price.co.uk
1 www.summerhamster.com
1 iris.tomshardware.com pixel.servebom.com
1 search-api.fie.future.net.uk gizmos.future-price.co.uk
1 tag.bounceexchange.com
1 bounceexchange.com 1 redirects
1 dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com www.tomshardware.com
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 c.sharethis.mgr.consensu.org ws.sharethis.com
1 srv-2019-09-13-01.config.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 securepubads.g.doubleclick.net www.googletagservices.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 widgets.future-fie.co.uk widgets.future-fie-assets.co.uk
1 www.googletagservices.com ads.servebom.com
1 quantcast.mgr.consensu.org ads.servebom.com
1 cdn.optimizely.com www.tomshardware.com
1 ss.sharethis.com www.tomshardware.com
1 ad.doubleclick.net www.tomshardware.com
1 ads.servebom.com www.tomshardware.com
1 www.googletagmanager.com www.tomshardware.com
1 gizmos.future-price.co.uk www.tomshardware.com
1 widgets.future-fie-assets.co.uk www.tomshardware.com
1 pixel.servebom.com www.tomshardware.com
1 fonts.googleapis.com www.tomshardware.com
122 47
Subject Issuer Validity Valid
www.purch.com
DigiCert SHA2 Secure Server CA		 2019-05-16 -
2020-05-15		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
pixel.servebom.com
Sectigo RSA Domain Validation Secure Server CA		 2019-08-13 -
2019-11-11		 3 months crt.sh
future-fie-assets.co.uk
Let's Encrypt Authority X3		 2019-08-14 -
2019-11-12		 3 months crt.sh
future-price.co.uk
Let's Encrypt Authority X3		 2019-07-27 -
2019-10-25		 3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-02 -
2020-01-08		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
ads.servebom.com
DigiCert SHA2 High Assurance Server CA		 2018-10-02 -
2020-10-06		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.sharethis.com
DigiCert SHA2 Secure Server CA		 2018-12-16 -
2020-03-16		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.imrworldwide.com
DigiCert SHA2 Secure Server CA		 2019-02-25 -
2020-02-25		 a year crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
future-fie.co.uk
Let's Encrypt Authority X3		 2019-07-27 -
2019-10-25		 3 months crt.sh
*.config.parsely.com
Amazon		 2019-02-27 -
2020-03-27		 a year crt.sh
*.sharethis.mgr.consensu.org
DigiCert SHA2 Secure Server CA		 2019-07-18 -
2020-10-16		 a year crt.sh
vendorlist.consensu.org
Amazon		 2019-03-06 -
2020-04-06		 a year crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-18 -
2020-02-27		 a year crt.sh
cert1.a1.atm.aqfer.net
Let's Encrypt Authority X3		 2019-08-01 -
2019-10-30		 3 months crt.sh
*.pixel.parsely.com
Amazon		 2019-02-27 -
2020-03-27		 a year crt.sh
tag.bounceexchange.com
Let's Encrypt Authority X3		 2019-08-25 -
2019-11-23		 3 months crt.sh
search-api.fie.future.net.uk
Let's Encrypt Authority X3		 2019-07-13 -
2019-10-11		 3 months crt.sh
iris.anandtech.com
Let's Encrypt Authority X3		 2019-08-09 -
2019-11-07		 3 months crt.sh
*.summerhamster.com
Let's Encrypt Authority X3		 2019-07-23 -
2019-10-21		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2018-09-13 -
2020-10-07		 2 years crt.sh
*.purch.com
Amazon		 2019-03-01 -
2020-04-01		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Frame ID: B67E13B4930EB4A9C5E02247FA93F078
Requests: 118 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v25/cmp-3pc-check.html
Frame ID: EE2F5AC06AF65F6646AB95888BC216A8
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal.html
Frame ID: E733DA3D7EAA60C25158604BBA601F0E
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=0.303.13295&cid=c010
Frame ID: B0F567E4226B758EE1571229BCBF0052
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9131CA3F5FF7A67E99E6F922B45ED684
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: A8D45EEC05A03ADABDC66FDF44E53C0B
Requests: 1 HTTP requests in this frame

Frame: https://onesignal.com/webPushAnalytics
Frame ID: BB9421855C380FC6F66242D75BEEDDF4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

122
Requests

100 %
HTTPS

34 %
IPv6

30
Domains

47
Subdomains

41
IPs

7
Countries

1276 kB
Transfer

4252 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://sb.scorecardresearch.com/b?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9=
Request Chain 50
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098 HTTP 302
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098&ja=1
Request Chain 81
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1471192596&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=HawkPom&ea=LinkCount-Fallback&_u=aGDACEAjB~&jid=388119404&gjid=1743998518&cid=2008756636.1568339468&tid=UA-72111741-12&_gid=711847519.1568339468&_r=1&gtm=2wg941BPDQ&cd1=NewsPage&cd2=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20&cd4=Editorial&cd5=thus%3Aedt%3A1-40379%3AHackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20%3A1&cd6=Non%20Member&cd7=Tom%27s%20Hardware%20EN&cd8=&cd9=6.0.0-412&cd12=Microsoft%7CSecurity&cd13=Security&cd14=thus%3Aen_US_18_News_40379&cd15=News&cd16=Lucian%20Armasu&cd17=September%2011%2C%202019%20at%2011%3A52%20AM&z=750993007 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72111741-12&cid=2008756636.1568339468&jid=388119404&_gid=711847519.1568339468&gjid=1743998518&_v=j79&z=750993007
Request Chain 100
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=16cb764-16d28512019-7cfbe0d9-1&sessionID=1568339468313.36505&hostname=www.tomshardware.com&location=%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&product=widget&stid=&fcmp=true&publisher=44826d50-86b3-4690-b68d-df4ee65d1526&refDomain=&refQuery=&consentDomain=.consensu.org&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&ts1568339468313.0=&sop=false HTTP 301
  • https://l.sharethis.com/sc?cm=ZGYABV169gwAAAASVdpxAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sop=false
Request Chain 108
  • https://bounceexchange.com/bounce/i.js?client_id=640 HTTP 301
  • https://tag.bounceexchange.com/640/i.js

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request microsoft-phishing-campaign-captcha-scanners-security,40379.html
www.tomshardware.com/news/ 		133 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c9771d548db7e6445dfc67875644b5d1bf87de68364b9ae80b2845dfd061c65c

Request headers

:method
GET
:authority
www.tomshardware.com
:scheme
https
:path
/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
set-cookie
PURCHSESSID=3ap396j2d61mgmi80uh791mj40; expires=Sun, 13-Oct-2019 12:20:12 GMT; Max-Age=2629746; path=/; domain=.tomshardware.com; HttpOnly AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D0B071B1BDD053669AE851D1A6C75C94717DAB7C93AA6E3444B4C3132B635C7ABA995F44C651405729A1F2CB2A1AA58A;PATH=/;MAX-AGE=600 RAAS=Device%3D%3ECOMPUTER%3A%3ACountry%3D%3ENLD; expires=Sat, 14-Sep-2019 01:51:07 GMT; Max-Age=86400; path=/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html csrf_token=eyJodHRwcy1jb21tZW50IjoiaWdBZ3N6M3ozVENMcm1sVTU5OTFXNXNucUlzbVBadzJUdmVxa1pMTFJrMCIsImh0dHBzLXRvcGljIjoiMGIxazF5X0MzU2lLRnFOVHNkSkxRUU9FV0wxTklHekY5WmhpeXBDSGxZbyJ9; expires=Sun, 13-Oct-2019 01:51:07 GMT; Max-Age=2592000; path=/; httponly csrf_token=deleted; expires=Thu, 13-Sep-2018 01:51:06 GMT; Max-Age=0; path=/; httponly AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D775FDEF9F09C771E31A0331CF6FC0F55DEC62E5F5B6D14AA1E1DDB7908F8F945C9121A0545190372D5AA8968BF94328;PATH=/;MAX-AGE=600 csrf_token=deleted; expires=Thu, 13-Sep-2018 01:51:06 GMT; Max-Age=0; path=/; httponly AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D0B071B1BDD053669AE851D1A6C75C94212C4DB370C7D982E815F941C5220CCDD57BD8732E824FAC9274EED6C9D01D65;PATH=/;MAX-AGE=600 __uzma=5d7af60b5a7031.53586335; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/ AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D775FDEF9F09C771E31A0331CF6FC0F5717DAB7C93AA6E3444B4C3132B635C7ABA995F44C651405729A1F2CB2A1AA58A;PATH=/;MAX-AGE=600 csrf_token=deleted; expires=Thu, 13-Sep-2018 01:51:06 GMT; Max-Age=0; path=/; httponly __uzmd=1568339467; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/ __uzmc=415171044589; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/ __uzmb=1568339467; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/
surrogate-control
content="ESI/1.0"
vary
Accept-Encoding
x-enhanced_privacy
1
content-encoding
gzip
expires
Fri, 13 Sep 2019 01:51:07 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 13 Sep 2019 01:51:07 GMT
content-length
32016
css
fonts.googleapis.com/ 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
65940d609958b09ab6c5fed5fc18b90143bfa39d650ae10251603787676656b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 13 Sep 2019 01:51:07 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 13 Sep 2019 01:51:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:07 GMT
tomshardware-us-site.edito.document.news.css
www.tomshardware.com/css/compiled/grunt/ 		321 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/css/compiled/grunt/tomshardware-us-site.edito.document.news.css?6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
149a13bb152bdd649d5d6f78bda48e878881481ad5ccac427233a2f404acfc82

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:25:59 GMT
server
nginx
etag
W/"5d138e87-50296"
vary
Accept-Encoding
content-type
text/css
status
200
content-length
72654
require.js
www.tomshardware.com/js/Purch/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/require.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
60cc830a1e5743074103f083093b41923ed2652dac412e569b00c5a67679771c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:27:06 GMT
server
nginx
etag
W/"5d138eca-4507"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
7403
iris.js
pixel.servebom.com/serve_cdn/iris/ 		319 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.servebom.com/serve_cdn/iris/iris.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
422831f28f752b517f0fecea8e7c4a8417478495ea69faebbdd9916f86bc6af0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Thu, 10 Jan 2019 22:27:24 GMT
etag
"1547159244"
x-hw
1568339467.cds016.fr8.hn,1568339467.cds081.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=60148
accept-ranges
bytes
content-length
68980
tomshardware.js
widgets.future-fie-assets.co.uk/js/w/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.future-fie-assets.co.uk/js/w/tomshardware.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.52 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif13.web.future.net.uk
Software
/
Resource Hash
386d182be945cbd6cfd6524d81debf17feceb212d25ea6f0171847cd06ce2af2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:35:26 GMT
Content-Encoding
gzip
X-Hawk-Country
Xkey
asset-type-fie-widgets
Age
941
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-assets
X-FTR-Cache-Status
HIT
Content-Length
18496
X-FTR-Expires
Fri, 13 Sep 2019 01:55:26 GMT
X-FTR-Balancer
hawk-proxy-185-113-25-40
X-FTR-Request-ID
00000000:C7E8_00000000:01BB_5D7AF60B_37D0C6:6F80
Last-Modified
Thu, 12 Sep 2019 15:39:22 GMT
X-Country-Code-Real
NL
ETag
"5d7a66aa-d912"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Expires
Fri, 13 Sep 2019 02:35:26 GMT
hawklinks.js
gizmos.future-price.co.uk/hl/ 		130 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gizmos.future-price.co.uk/hl/hawklinks.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif10.web.future.net.uk
Software
/
Resource Hash
cd29d21893314080ddcd81e3e020256dc96eaffaa620e701abacffa9cf1bdd9b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:44:27 GMT
Content-Encoding
gzip
X-Hawk-Country
Xkey
asset-type-fie-hawklinks
Age
400
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-assets
X-FTR-Cache-Status
HIT
Content-Length
43519
X-FTR-Expires
Fri, 13 Sep 2019 02:04:27 GMT
X-FTR-Balancer
hawkproxyprodblue
X-FTR-Request-ID
00000000:2478_00000000:01BB_5D7AF60B_4ADC73:0420
Last-Modified
Mon, 09 Sep 2019 17:29:51 GMT
X-Country-Code-Real
NL
ETag
"5d768c0f-20691"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-FTR-Backend-Server
fievarnishprodwhite
Cache-Control
max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Expires
Fri, 13 Sep 2019 02:44:27 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3061
etag
W/"73548930d8015a67a49758d8fe546f33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
515679697b9b8c86-VIE
expires
Fri, 13 Sep 2019 13:51:07 GMT
LoadOneSignal.js
assets.purch.com/creative-templates/2.0.3-752/js/membership/OneSignal/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.purch.com/creative-templates/2.0.3-752/js/membership/OneSignal/LoadOneSignal.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d9959114d1f11cd1dcd2085649949381a5fb3398833588c1c65f4378d3da8160

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
DE535E61BF578220
status
200
content-length
1804
x-amz-id-2
dnLl9DhdhWLdvfI8q5UFkx8xa+Arn/AAWrtW+/zwiFZtYJCmRrMDMu5GpHyLD/z862umYkO1FM0=
last-modified
Wed, 27 Feb 2019 00:02:06 GMT
server
Akamai Resource Optimizer
etag
"f64d13de179d8acb8c7d9f33e517deff"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=81834
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 14 Sep 2019 00:35:01 GMT
gtm.js
www.googletagmanager.com/ 		164 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-BPDQ&l=gtmDataLayer
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78d1b618a357028c70301b9ca6cac82092ceeb2303002b4fc09e687709acfb28
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
br
last-modified
Fri, 13 Sep 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
39085
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:07 GMT
tmnhead.js
ads.servebom.com/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.servebom.com/tmnhead.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e0b29c74fd1c956b96b04e07bd9b2bdea2a7ad70a16697c757e50d92fc883e0e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
status
200
x-hw
1568339467.dop010.fr8.t,1568339467.cds015.fr8.hn,1568339467.cds027.fr8.c
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/x-javascript
content-length
29728
99e-892d65ee034b
privacy.purch.com/consent_config/ 		455 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.purch.com/consent_config/99e-892d65ee034b?callback=gdprEmailModal&fl=message
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.151 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-77-209-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
16640aa38270a1fb624b741825d39997d8da464e0e9a667774584976c30fd7af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
content-length
284
REVISION.js
assets.purch.com/loe/latest/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.purch.com/loe/latest/REVISION.js?t=1568339467713
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
224b4c4463a8a46413ccad3eb963dd475069ec38f8cc916c7f49d0b57fb384f6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
2DBFD31EB3A637F3
status
200
content-length
612
x-amz-id-2
yNjio3vu/9AOwLak3lBylhvXsTwO687rDkYWpNXggSZV7RGYa+x2slWWkhyVSrrV5cq1fSACkMk=
last-modified
Fri, 14 Sep 2018 19:20:33 GMT
server
AmazonS3
etag
"c9f54e17121dd00257eac34a3502d1ec"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 02:06:08 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 19:26:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1751084
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14044
x-xss-protection
0
expires
Sat, 22 Aug 2020 19:26:23 GMT
logos-webfont.woff
www.tomshardware.com/medias/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/medias/fonts/logos-webfont.woff?v=1.1
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
60c9efa39b02d58f131a535be880e6a54ed664f7711fd1e6fea0aeb0f9247e28

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/css/compiled/grunt/tomshardware-us-site.edito.document.news.css?6.0.0-412
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
last-modified
Wed, 26 Jun 2019 15:24:20 GMT
server
nginx
etag
"5d138e24-2c10"
status
200
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
11280
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 19:34:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
800188
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14176
x-xss-protection
0
expires
Wed, 02 Sep 2020 19:34:39 GMT
fontawesome-webfont.woff2
www.tomshardware.com/medias/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/medias/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/css/compiled/grunt/tomshardware-us-site.edito.document.news.css?6.0.0-412
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
last-modified
Wed, 26 Jun 2019 15:24:20 GMT
server
nginx
etag
"5d138e24-118d8"
status
200
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
71896
jquery.min.js
www.tomshardware.com/js/vendor/jquery/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/vendor/jquery/jquery.min.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:43 GMT
server
nginx
etag
W/"5d138eb3-1499c"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
34440
Lazy.js
www.tomshardware.com/js/Purch/Utils/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/Lazy.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a175cbf7eca260f278807f80418cdf3127400f954eaff6c54d1fee746673c04

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-14e4"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1854
DelayedHover.js
www.tomshardware.com/js/Purch/Utils/ 		727 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/DelayedHover.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f4cc0c86b965baad53b82a8566ec251a701342a6b78928133c29b352ecfebfb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-2d7"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
395
DecodeLive.js
www.tomshardware.com/js/Purch/Link/ 		814 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Link/DecodeLive.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
86f152d91909c9ba3818ab45b066a3622177359831a7cdb1be02c3436a557d0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:54 GMT
server
nginx
etag
W/"5d138ebe-32e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
448
truncated
/ 		442 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a622a5492869d06cb5c9500a86fbd7d7d4b76c7519bb4f5c6235f3ba52223507

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v24/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v24/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5a4c2bdbba3f1ed71f3f3141b434699ea99d152ab3cf2aef97f5eb80396b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 09:51:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:23 GMT
server
sffe
age
1180807
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
12992
x-xss-protection
0
expires
Sat, 29 Aug 2020 09:51:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: widgets.future-fie-assets.co.uk
URL: https://widgets.future-fie-assets.co.uk/js/w/tomshardware.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4055
date
Fri, 13 Sep 2019 00:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 13 Sep 2019 02:43:33 GMT
ctAlertBox.js
assets.purch.com/creative-templates/latest/js/ctAlertBox/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.purch.com/creative-templates/latest/js/ctAlertBox/ctAlertBox.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1a1a430bba6a9609ca2ffcb4826dc4c86c21254f6de9ab3f94f2b4b3294857f0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
DFCE73F8F2F17954
status
200
content-length
1319
x-amz-id-2
u2wat6lifHva26QypaOnZC8hec1TABCvabVUO+a4zfQWMJWA3pqgmyYeOkMB/BobYJYcbD4kh+8=
last-modified
Tue, 23 Jul 2019 14:30:39 GMT
server
Akamai Resource Optimizer
etag
"6a66256a7888e61bcd9544ef9f15a119"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=11452
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 05:02:00 GMT
99e-892d65ee034b
privacy.purch.com/consent_config/ 		456 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.purch.com/consent_config/99e-892d65ee034b?callback=consentCallback&fl=message
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.151 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-77-209-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a376bc6ff07faee0754e594bb41a34466e187ec5673bcaddcc5fd59eed7653f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
content-length
283
99e-892d65ee034b
privacy.purch.com/consent_config/ 		459 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.purch.com/consent_config/99e-892d65ee034b?callback=gdprInlineTemplate&fl=message
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.151 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-77-209-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6cd808314ced5a7419ba34788d3fef04b04698026ec6f183bdf93897ca2712b0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
content-length
286
;ord=1568339468031
ad.doubleclick.net/ddm/ad/eahxyrjhz/iefurhvsm/rrhmxfi/zcfqvgi/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/ad/eahxyrjhz/iefurhvsm/rrhmxfi/zcfqvgi/;ord=1568339468031?
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RaasOffer.js
www.tomshardware.com/js/Purch/Utils/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/RaasOffer.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f737a07ba72eb4e7b19772b2693d9aa89616c381d5863826f98552f7ef2d6c7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-16d7"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
2112
Sticky.js
www.tomshardware.com/js/Purch/UI/ 		588 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/Sticky.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a564a1d1c9186ad0edcadc1e4481e0b88bef7147eb14e16dab97a9921b007d96

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-24c"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
288
Zoom.js
www.tomshardware.com/js/Purch/UI/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/Zoom.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e63c91fd21a12a3c9aa4a20f05426ab3a4586b4f0dd01d6d992b9a7893afb453

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-88a"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
939
ResponsiveTableSlideshow.js
www.tomshardware.com/js/Purch/Edito/ 		909 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Edito/ResponsiveTableSlideshow.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7987950cdf446ddda468d2fd6a46006227b7841a4b1ea25c0db4000ed70743cb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-38d"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
445
ResponsiveTableVertical.js
www.tomshardware.com/js/Purch/Edito/ 		1 KB
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Edito/ResponsiveTableVertical.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f62e68af363b20ccb4468412e0e27736917c32223a1a2081d144c83f603b9720

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-450"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
553
ScrollProgressBar.js
www.tomshardware.com/js/Purch/UI/ 		783 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/ScrollProgressBar.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62558122cb407fe0278ed5fcd92c7f0f93aae00d7991961a6ad3e38200c69f22

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-30f"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
387
News.js
www.tomshardware.com/js/Purch/Edito/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Edito/News.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7fb4018a1f96a54438701e6d9c42946d4f3b5460df241715b1a43b61dd80dd2b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-b8b"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1350
AlbumCss.js
www.tomshardware.com/js/Purch/UI/ 		830 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/AlbumCss.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d2b3142732e81ca53c6b63f7beae965a3c0ce9ab8c518a728d9564f15015f0f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:54 GMT
server
nginx
etag
W/"5d138ebe-33e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
456
ExtendedTabs.js
www.tomshardware.com/js/Purch/UI/ 		894 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/ExtendedTabs.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f1c3393e8efaa723487522a5381781265133bdcff11f528edc2e347f7751583

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-37e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
417
CreateTopicForm.js
www.tomshardware.com/js/Purch/Comments/ 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Comments/CreateTopicForm.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
74f245bbd5da458a273f6508a3b192687d7a0beb286a03d6a3fa772f4a1c89d8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-7b1"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
706
CreateForm.js
www.tomshardware.com/js/Purch/Comments/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Comments/CreateForm.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3d3b320edeebe7003d76d523df6a7487fdd80866dd667c53a549c574cc0dc27c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-7ed"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
897
Pagination.js
www.tomshardware.com/js/Purch/Comments/ 		1 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Comments/Pagination.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c4438c3927fabe06de4d069236da188996cab73ded5bd52e9ec16f127d75329

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-533"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
640
Expand.js
www.tomshardware.com/js/Purch/Comments/ 		1 KB
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Comments/Expand.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee9ebe8643a5e16dc15925347a5b75a474bbec4c97fb9a403cf7ab92eb4fc28a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-418"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
536
HideUselessTogglers.js
www.tomshardware.com/js/Purch/UI/ 		1 KB
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/HideUselessTogglers.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cae34ef8e36cde06155510274dcf2a06c2e11d5c252588455fa93066834431aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-55d"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
536
ResizableTextarea.js
www.tomshardware.com/js/Purch/Comments/ 		800 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Comments/ResizableTextarea.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7189417a2ee7d987f89e9f1342e53b2d6dd60309a745cfc86fccb2ca325ca597

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-320"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
434
ArchiveForm.js
www.tomshardware.com/js/Purch/Comments/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Comments/ArchiveForm.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e2dcada15e4aca09547e8dd2ea5a7669c4939825ef015cfb031dbcd17f34133f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-410"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
506
InlineSignin.js
www.tomshardware.com/js/Purch/User/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/User/InlineSignin.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3bf0600760bc9486c9de52bbf516881e7f76c21acb45783f9a9a1fb70ceaaf39

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-a6e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1162
buttons.js
ws.sharethis.com/button/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/buttons.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.86.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-86-25.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
ccef0d063eddfebff1c3cfe89cf135fcc55f752970d967e74d72d07c4c363031

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
W/"5d72980e-ddb6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=218376
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
15777
Expires
Sun, 15 Sep 2019 14:30:44 GMT
loader.js
ss.sharethis.com/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ss.sharethis.com/loader.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:3600:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:44:02 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 17:22:04 GMT
server
AmazonS3
age
566
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
55Xg2qcUVC4Pyw8QP5_Al23dfFFDxfx7sViSWsutH65PThCXMd3-6A==
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		121 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
I/e0lt/ohKLuKKE9UBMT9ps/0/JqlvDgufxWGgYpichpJ+K/T3p+5FPUN1KCG0IgQWXXRCk3RpUDMPXQsqXS7Q==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 13 Sep 2019 01:51:08 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
REVISION.js
assets.purch.com/loe/latest/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.purch.com/loe/latest/REVISION.js?t=1568339468099
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
224b4c4463a8a46413ccad3eb963dd475069ec38f8cc916c7f49d0b57fb384f6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
0D993E3A38B649A2
status
200
content-length
612
x-amz-id-2
CIqopilkZIbprmnSm7wI/2IhpL0HPRKW6Zr09w6hbBrqFixvJezVMXxR7iLkurtVHnU//D8vHb0=
last-modified
Fri, 14 Sep 2018 19:20:33 GMT
server
AmazonS3
etag
"c9f54e17121dd00257eac34a3502d1ec"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 02:06:08 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-37.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 00:42:06 GMT
Content-Encoding
gzip
Age
4142
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
ETag
"53191693-19c1"
Content-Type
application/x-javascript
Via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
7kPKpLi8dUAV0H50g1m_6AMwf2Q8jM3OQ0DJaX6ayNherSbkJMx31Q==
Expires
Sat, 14 Sep 2019 00:42:06 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicro...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicr...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9=
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Sep 2019 01:51:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9=
Pragma
no-cache
Date
Fri, 13 Sep 2019 01:51:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=156...
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=156...
44 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098&ja=1
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.74.162 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-74-162.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
server
nginx
status
200
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
server
nginx
status
302
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3009
etag
W/"f4ebb281698a883231242a4d72c8502e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
5156796bbc138c86-VIE
expires
Mon, 16 Sep 2019 01:51:08 GMT
4794210819.js
cdn.optimizely.com/js/ 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/4794210819.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:196::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd7effee6b55c00ccd8e55aad7c7b70044464e07ec245e0407bf382137787582
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
naNKCi80uBys13SK29CDVEsktLhgWAZc
content-encoding
gzip
etag
"f41a1262bbdfc1ce104bb6a11f074b3e"
x-amz-request-id
8C5014F77D543B02
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:196::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
39105
x-amz-id-2
LaXzA8pamUFpQDmpJ8h8p32dhvZMSQ5o+j70CsZ9JEtL3j6tH6A19GyP/6sGhprseF211BaR9bc=
last-modified
Wed, 09 May 2018 00:58:50 GMT
server
AmazonS3
date
Fri, 13 Sep 2019 01:51:08 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
518
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
cmp.js
quantcast.mgr.consensu.org/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: ads.servebom.com
URL: https://ads.servebom.com/tmnhead.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c26fd569cbff7c7b33fe25517c92338cf7fee0beacb4fb93a55885eb506f01d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:41:14 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:55 GMT
server
AmazonS3
age
1774
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
VSaHhGL0A1WakQBi102RuEFowX0nvsid9Sm2hxMxK0d3w4KJ_vejnw==
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.servebom.com
URL: https://ads.servebom.com/tmnhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"277 / 198 of 1000 / last-modified: 1568323734"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
12668
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:08 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
843
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
856
x-xss-protection
0
expires
Fri, 13 Sep 2019 02:37:05 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAj~&jid=390481869&gjid=919848684&cid=2008756636.1568339468&tid=UA-87763359-6&_gid=711847519.1568339468&_r=1&z=674905907
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAj~&jid=1889132193&gjid=2105027957&cid=2008756636.1568339468&tid=UA-3642902-1&_gid=711847519.1568339468&gtm=2wg941BPDQ&z=1193356833
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3642902-1&cid=2008756636.1568339468&jid=1889132193&gjid=2105027957&_gid=711847519.1568339468&_u=YGDAgEAj~&z=515434278
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Sep 2019 01:51:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAAEAj~&jid=614985359&gjid=1278772716&cid=2008756636.1568339468&tid=UA-3642902-30&_gid=711847519.1568339468&_r=1&gtm=2wg941BPDQ&z=1092070685
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAj~&jid=1357939824&gjid=1053814340&cid=2008756636.1568339468&tid=UA-3642902-8&_gid=711847519.1568339468&gtm=2wg941BPDQ&z=341268714
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3642902-8&cid=2008756636.1568339468&jid=1357939824&gjid=1053814340&_gid=711847519.1568339468&_u=YGDAgEAj~&z=1922528056
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Sep 2019 01:51:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Templating.js
www.tomshardware.com/js/Purch/Utils/ 		621 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/Templating.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4bc2fd808fd0b182a5fc595baa84b9cb1407b82265f2d8d38ae84fd1c3d9989a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-26d"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
383
en-GB.json
widgets.future-fie.co.uk/json/ 		19 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.future-fie.co.uk/json/en-GB.json
Requested by
Host: widgets.future-fie-assets.co.uk
URL: https://widgets.future-fie-assets.co.uk/js/w/tomshardware.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif10.web.future.net.uk
Software
/
Resource Hash
16cbe3c07a7de9d209f1605b1655bbfc5f49cd75c2cde656c5e827f81964db43

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:48:26 GMT
Content-Encoding
gzip
X-Hawk-Country
Xkey
asset-type-fie-widgets
Age
161
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-assets
X-FTR-Cache-Status
HIT
Content-Length
6149
X-FTR-Expires
Fri, 13 Sep 2019 02:08:26 GMT
X-FTR-Balancer
hawkproxyprodblue
X-FTR-Request-ID
00000000:2496_00000000:01BB_5D7AF60C_4ADC9A:0420
Last-Modified
Thu, 12 Sep 2019 15:39:22 GMT
X-Country-Code-Real
NL
ETag
"5d7a66aa-4c09"
Vary
Accept-Encoding
Content-Type
application/json
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=300,public
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Expires
Fri, 13 Sep 2019 01:56:08 GMT
emailModal.js
assets.purch.com/creative-templates/2.0.1-15/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.purch.com/creative-templates/2.0.1-15/emailModal.js?t=1568339468185
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f45147a3a0824caa7bdbb3d05965136fd6951882e9ea46a70e99e5683b2b1f6c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
7C547B7A1E99637C
status
200
content-length
6452
x-amz-id-2
PzPWAQspBbcV8sQpWQSrcsyFKyZQ/tqn6jO8O3d2taZ4y6mPGyKfR0XnaHfFLslVYWZZpkNgr3M=
last-modified
Tue, 16 Oct 2018 18:49:48 GMT
server
AmazonS3
etag
"8560cab6701238f99f729f5a2535a098"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 02:06:08 GMT
638852559596202
connect.facebook.net/signals/config/ 		307 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/638852559596202?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6ee8af51d889c4224423b02e1ae948888c2e7091f771d3f91a9040141ef18779
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79754
x-xss-protection
0
pragma
public
x-fb-debug
nVMlIZrcd3qTszd2anVF0wua3ruHro/w9lj4DWsy9nUQXJu1YzmS+VDfkNEE0IHOyqr38mV3E/IMXQts6cE6OQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 13 Sep 2019 01:51:08 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
web
onesignal.com/api/v1/sync/0b183a06-ffb5-4d9f-a367-e2350046b824/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/0b183a06-ffb5-4d9f-a367-e2350046b824/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.7
Resource Hash
631c26b84a24e3c0bb9b1886bf9a5f6be607c6b98c44bd301f30ed3f753f71be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1426
x-powered-by
Phusion Passenger 5.3.7
status
200, 200 OK
x-xss-protection
1; mode=block
x-request-id
d60a4a0f-f0c0-4f75-991e-f1ca6935207f
x-runtime
0.042765
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=2862
cf-ray
5156796c6c408c86-VIE
access-control-allow-headers
SDK-Version
expires
Fri, 13 Sep 2019 01:56:08 GMT
Refresher.js
www.tomshardware.com/js/Purch/Utils/ 		2 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/Refresher.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
35a5d05ee61823d9c34f1ba4a27551b48cde871108ac3836633420f77524e491

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-6b6"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
692
Ramp.js
www.tomshardware.com/js/Purch/Utils/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/Ramp.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dddb68e62a4aa1aab7e92f729fd320b051494e49ca154fb9a3e2fbde62b3ae96

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-bb6"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1254
jquery.form.js
www.tomshardware.com/js/vendor/jquery-form/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/vendor/jquery-form/jquery.form.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
23fc25133ed072cdf7dae575213067b1da3c6843b2a0e489c8b7fc984c60ce6b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:43 GMT
server
nginx
etag
W/"5d138eb3-ab23"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
14493
parsley.js
www.tomshardware.com/js/vendor/parsleyjs/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/vendor/parsleyjs/parsley.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d9f8e8b6aa67b032486a09048c53d52aad703493ff6d51042397815486920f0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:47 GMT
server
nginx
etag
W/"5d138eb7-d267"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
14939
FlashMessage.js
www.tomshardware.com/js/Purch/UI/ 		711 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/UI/FlashMessage.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1282da0b841df7e0c4af02c94a76f0bc5ecf17cb3784ad88e06f2a448c782531

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-2c7"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
397
FormUtils.js
www.tomshardware.com/js/Purch/Data/ 		2 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Data/FormUtils.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
206f9419d69ce8979a6524ab50a9645a45f3016158ed8414a996ff45f5da805b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-62e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
812
WebStorage.js
www.tomshardware.com/js/Purch/Utils/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/Purch/Utils/WebStorage.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c34bd8633143a8b6a54b1cea34c82419540158471decbc97928cb2e7fc7a4fa9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-4b8"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
575
clickstream.js
assets.purch.com/loe/latest/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.purch.com/loe/latest/clickstream.js?2.4.0-28
Requested by
Host: assets.purch.com
URL: https://assets.purch.com/loe/latest/REVISION.js?t=1568339467713
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
176b9a1d199712ee7e61c666f8c68d28a8c8d4c29f11d2880132fba21fa4d8c2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
EDCFED8F4D35D82F
status
200
content-length
2372
x-amz-id-2
pK/11csRxo40DQtFa9rf0pB3ayJudrni0PWBqBzPyxnaOhThThuhz4ROloqT4arXreAPi0azChA=
last-modified
Sat, 31 Aug 2019 02:07:26 GMT
server
Akamai Resource Optimizer
etag
"e3e2bd997a4309df6559cbab1a140368"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=48867
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 15:25:35 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tomshardware.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tomshardware.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019082901.js
securepubads.g.doubleclick.net/gpt/ 		158 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 13:06:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
59716
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:08 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v25/ Frame EE2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v25/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v25/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Wed, 28 Aug 2019 16:50:51 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Fri, 13 Sep 2019 01:42:02 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
x-cache
Hit from cloudfront
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
121KJaL_xhTqhaCxvGVuzL5Vi8XexBVyb0HI9cRmoCLzEsDrEvmNmg==
age
1417
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAj~&jid=169368183&gjid=1251761652&cid=2008756636.1568339468&tid=UA-72111741-12&_gid=711847519.1568339468&gtm=2wg941BPDQ&cd1=NewsPage&cd2=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20&cd4=Editorial&cd5=thus%3Aedt%3A1-40379%3AHackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20%3A1&cd6=Non%20Member&cd7=Tom%27s%20Hardware%20EN&cd8=&cd9=6.0.0-412&cd12=Microsoft%7CSecurity&cd13=Security&cd14=thus%3Aen_US_18_News_40379&cd15=News&cd16=Lucian%20Armasu&cd17=September%2011%2C%202019%20at%2011%3A52%20AM&cd19=&z=1202351440
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-72111741-12&cid=2008756636.1568339468&jid=169368183&gjid=1251761652&_gid=711847519.1568339468&_u=aGDAgEAj~&z=1803691605
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Sep 2019 01:51:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1471192596&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.htm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72111741-12&cid=2008756636.1568339468&jid=388119404&_gid=711847519.1568339468&gjid=1743998518&_v=j79&z=750993007
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72111741-12&cid=2008756636.1568339468&jid=388119404&_gid=711847519.1568339468&gjid=1743998518&_v=j79&z=750993007
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Sep 2019 01:51:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-72111741-12&cid=2008756636.1568339468&jid=388119404&_gid=711847519.1568339468&gjid=1743998518&_v=j79&z=750993007
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=HawkPom&ea=LinkCount-ClickSteam&_u=aGDACEAjB~&jid=&gjid=&cid=2008756636.1568339468&tid=UA-72111741-12&_gid=711847519.1568339468&gtm=2wg941BPDQ&cd1=NewsPage&cd2=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20&cd4=Editorial&cd5=thus%3Aedt%3A1-40379%3AHackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20%3A1&cd6=Non%20Member&cd7=Tom%27s%20Hardware%20EN&cd8=&cd9=6.0.0-412&cd12=Microsoft%7CSecurity&cd13=Security&cd14=thus%3Aen_US_18_News_40379&cd15=News&cd16=Lucian%20Armasu&cd17=September%2011%2C%202019%20at%2011%3A52%20AM&z=992614869
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=HawkPom&ea=LinkCount-Fallback&_u=aGDACEAjB~&jid=&gjid=&cid=2008756636.1568339468&tid=UA-72111741-12&_gid=711847519.1568339468&gtm=2wg941BPDQ&cd1=NewsPage&cd2=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20&cd4=Editorial&cd5=thus%3Aedt%3A1-40379%3AHackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20%3A1&cd6=Non%20Member&cd7=Tom%27s%20Hardware%20EN&cd8=&cd9=6.0.0-412&cd12=Microsoft%7CSecurity&cd13=Security&cd14=thus%3Aen_US_18_News_40379&cd15=News&cd16=Lucian%20Armasu&cd17=September%2011%2C%202019%20at%2011%3A52%20AM&z=1315406510
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=HawkPom&ea=LinkCount-Hawk&_u=aGDACEAjB~&jid=&gjid=&cid=2008756636.1568339468&tid=UA-72111741-12&_gid=711847519.1568339468&gtm=2wg941BPDQ&cd1=NewsPage&cd2=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20&cd4=Editorial&cd5=thus%3Aedt%3A1-40379%3AHackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20%3A1&cd6=Non%20Member&cd7=Tom%27s%20Hardware%20EN&cd8=&cd9=6.0.0-412&cd12=Microsoft%7CSecurity&cd13=Security&cd14=thus%3Aen_US_18_News_40379&cd15=News&cd16=Lucian%20Armasu&cd17=September%2011%2C%202019%20at%2011%3A52%20AM&z=1891242932
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery.ba-resize.min.js
www.tomshardware.com/js/vendor/jquery-resize/ 		824 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/vendor/jquery-resize/jquery.ba-resize.min.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
34aa72f0ee7d0f7fb82a77a24fcd27bafb2d114a49f0cfeff65961ff79a4d6ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-338"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
458
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.86.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-86-25.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
764262648df23049f6c23fe89dc20106a96c4624412a8ad20ec54bb7bbae6c6e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
W/"5d729840-162e8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=218376
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
18855
Expires
Sun, 15 Sep 2019 14:30:44 GMT
aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9XL1IvODUwMDU5L29yaWdpbmFsL3NodXR0ZXJzdG9ja181MDg3MjExMzEuanBn
img.purch.com/shutterstock-508721131-jpg/w/755/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.purch.com/shutterstock-508721131-jpg/w/755/aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9XL1IvODUwMDU5L29yaWdpbmFsL3NodXR0ZXJzdG9ja181MDg3MjExMzEuanBn
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fc3baa224d4dc34de742869911ab42aa2c9d682b26e4f5b11457f79e5c536107

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
last-modified
Wed, 11 Sep 2019 18:57:28 GMT
server
nginx
etag
"2c6a4a7-b1877-5924b97a61600"
x-akamai-webp
1, 1
content-type
image/webp
status
200
cache-control
max-age=604800
x-imageresizer-blacklisted
0
x-imageresizer-process-debug
http://127.0.0.1:80/internal/w?uri=aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9XL1IvODUwMDU5L29yaWdpbmFsL3NodXR0ZXJzdG9ja181MDg3MjExMzEuanBn&arg1=755&arg2=&arg3=&arg4=&color=&format=&quality=&webp_enabled=1
accept-ranges
bytes
content-length
19942
x-imageresizer-method
width with proportions
expires
Fri, 20 Sep 2019 01:51:08 GMT
aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9XL1EvODUwMDU4L29yaWdpbmFsL21pY3Jvc29mdC1waGlzaGluZy1lbWFpbC5qcGc=
img.purch.com/microsoft-phishing-email/w/711/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.purch.com/microsoft-phishing-email/w/711/aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9XL1EvODUwMDU4L29yaWdpbmFsL21pY3Jvc29mdC1waGlzaGluZy1lbWFpbC5qcGc=
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d2d55b88b0305bebb929f89e32e32586f56dbddc76ff574c9344d54d3de83522

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
last-modified
Wed, 11 Sep 2019 17:44:55 GMT
server
nginx
etag
"2c6a453-cbe1-5924a943093c0"
x-akamai-webp
1, 1
content-type
image/webp
status
200
cache-control
max-age=604800
x-imageresizer-blacklisted
0
x-imageresizer-process-debug
http://127.0.0.1:80/internal/w?uri=aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS9XL1EvODUwMDU4L29yaWdpbmFsL21pY3Jvc29mdC1waGlzaGluZy1lbWFpbC5qcGc=&arg1=711&arg2=&arg3=&arg4=&color=&format=&quality=&webp_enabled=1
accept-ranges
bytes
content-length
32646
x-imageresizer-method
width with proportions
expires
Fri, 20 Sep 2019 01:51:08 GMT
cmpui-popup.js
static.quantcast.mgr.consensu.org/v25/ 		210 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78c372f8aece809225131a8fe9f7b117cf1675c07bcaade16598740bac0ed36c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:42:11 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:51 GMT
server
AmazonS3
age
905
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
oFFp6c2TbQsHJB1HioXvu3778rtORTC_8JVIrkIqVDFGChBTIoATSA==
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
tomshardware.com
srv-2019-09-13-01.config.parsely.com/config/ 		414 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://srv-2019-09-13-01.config.parsely.com/config/tomshardware.com
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.106.171 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-206-106-171.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b9eeb4da7c625d63440d1d45c50fe41da6e8326d24f23cf334c1b40319858e64

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Cache-Control
private, no-cache
ETag
W/"19e-Nf5hAb17Csz9VAcqqGcNQQ"
Connection
keep-alive
X-Powered-By
Express
Content-Length
414
Content-Type
text/javascript; charset=utf-8
words.js
www.tomshardware.com/js/vendor/parsleyjs/ 		724 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tomshardware.com/js/vendor/parsleyjs/words.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
48dcebc5b39c5ab96d6372196c199dc5170d5614080a92516d0ac1313a722a7c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:47 GMT
server
nginx
etag
W/"5d138eb7-2d4"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
315
portal.html
c.sharethis.mgr.consensu.org/ Frame E733 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.243 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
c.sharethis.mgr.consensu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
ETag
W/"361b-16cd0431910"
Last-Modified
Mon, 26 Aug 2019 23:29:14 GMT
Vary
Accept-Encoding
Content-Length
4765
Cache-Control
public, max-age=3600
Date
Fri, 13 Sep 2019 01:51:08 GMT
Connection
keep-alive
inferredEvents.js
connect.facebook.net/signals/plugins/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
pr/A4Vvl/VSTMjTaC52fIEd5yEYFmPVUWkO94ro5Dk0tDr/VdhyHHAO8oJ4Su8pIBphZyQ+wNyYAP2mxL0t7Uw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 13 Sep 2019 01:51:08 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.86.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-86-25.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Sep 2019 17:32:48 GMT
Server
nginx/1.12.2
ETag
W/"5d729840-5a76"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
3851
/
www.facebook.com/tr/ 		44 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=638852559596202&ev=PageView&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&rl=&if=false&ts=1568339468430&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568339468429.1957297182&it=1568339468205&coo=false&rqm=GET
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 13 Sep 2019 01:51:08 GMT
vendorlist.json
vendorlist.consensu.org/ 		86 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:dc00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f50533285b2d6fff1ad502048c882b3ca8a81db2daf0afbda8e00f9ce9af25c4

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Sep 2019 08:45:14 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
61367
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 05 Sep 2019 16:00:21 GMT
server
AmazonS3
access-control-max-age
86400
access-control-allow-methods
GET
x-amz-version-id
XTzn11YxHwr37vplnqZ6d.3T_ng5bhB2
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
content-type
application/json; charset=utf-8
x-amz-cf-id
PzZlTOLDime-TeoDbaS0XfNzFKulHaknmTKP0jEhJN8uKl1sZcOOiQ==
/
audit.quantcast.mgr.consensu.org/ 		80 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1568339468436;Tom%27s%20Hardware;https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html;;;;;p,off,false,,1,en;CMP_Display:initializationdisplay,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 08:28:49 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
vary
Origin
age
60611
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
EQipQ8qyJwHQLShsIjjLXg1XT7lim7-Ndkd0oFLQ_b8Twy8lHfbzlA==
tomsha-logo.png
dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com/wp-content/uploads/2018/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com/wp-content/uploads/2018/08/tomsha-logo.png
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.96 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.96.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
44a8cc852557efc3932219392fea946857dd28789b2537f42118cdd53c872b29

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
last-modified
Thu, 30 Aug 2018 10:20:45 GMT
server
NetDNA-cache/2.2
status
200
etag
"5b87c4fd-3b3f"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15167
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=16cb764-16d28512019-7cfbe0d9-1&sessionID=1568339468313.36505&hostname=www.tomshardware.com&location=%2Fnews%2Fmicrosoft-phis...
  • https://l.sharethis.com/sc?cm=ZGYABV169gwAAAASVdpxAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sop=false
51 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?cm=ZGYABV169gwAAAASVdpxAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sop=false
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.132.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ed11dfd27129fc739b1709298fe85b8b65e9e65c793eccfacb4e4790b1446b3a

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.tomshardware.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
51
Stid
ZGYABV169gwAAAASVdpxAw==

Redirect headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.tomshardware.com
Access-Control-Max-Age
1728000
P3p
policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location
/sc?cm=ZGYABV169gwAAAASVdpxAw%3D%3D&uid=true&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sop=false
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
*
Content-Length
216
Stid
ZGYABV169gwAAAASVdpxAw==
t.dhj
t.sharethis.com/1/d/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?rnd=1568339468632&cid=c010&dmn=www.tomshardware.com
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.80.105 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-80-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d509bad38fcc454fa9da342c86c084a90b3eb2c82539801ad4f17631abe10924
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Type
application/javascript
Content-Length
957
Expires
Fri, 13 Sep 2019 02:51:08 GMT
t_.htm
t.sharethis.com/a/ Frame B0F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=0.303.13295&cid=c010
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1568339468632&cid=c010&dmn=www.tomshardware.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.80.105 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-80-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
t.sharethis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Accept-Encoding
gzip, deflate, br
Cookie
__stid=ZGYABV169gwAAAASVdpxAw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html

Response headers

Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1084
Cache-Control
max-age=604800
Expires
Fri, 20 Sep 2019 01:51:08 GMT
Date
Fri, 13 Sep 2019 01:51:08 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type
text/html
ptrack-v1.3.1-engagedtime.js
d1z2jf7jlzjs58.cloudfront.net/code/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.3.1-engagedtime.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-37.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
6490a25d62798071f40cb1c72bf6db2ffd03c6572a7653615e0d5bd3c683abef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 07 Jun 2019 23:31:29 GMT
Content-Encoding
gzip
Age
8389173
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 07 Jun 2019 23:29:03 GMT
Server
nginx
ETag
W/"5cfaf33f-924c"
Content-Type
application/x-javascript
Via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
wCjuGjf0Luc4mK1FFCnhTiqtGEP8QGN-7QOxCxVVp8IoHu3OiT40Bg==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
audit.quantcast.mgr.consensu.org/ 		80 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1568339468741;Tom%27s%20Hardware;https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html;;;;;p,off,false,,1,en;Shown,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-27.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 16 Aug 2019 08:28:49 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
vary
Origin
age
60611
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
-MJxp69yoEONfQLXn4GEcHeLd_LAgIz5NC7JmSnQn5mHhZKmpLVgtg==
/
srv-2019-09-13-01.pixel.parsely.com/plogger/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2019-09-13-01.pixel.parsely.com/plogger/?rand=1568339468789&plid=74992429&idsite=tomshardware.com&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22769d455b-c43b-476b-914c-4ed7c433d3cd%22%2C%22parsely_site_uuid%22%3A%2263de4b1b-9dcc-4f3a-96ec-a14d56acbe51%22%7D&sid=1&surl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sref=&sts=1568339468784&slts=0&title=Hackers+Use+CAPTCHA+to+Launch+Phishing+Campaign&date=Fri+Sep+13+2019+03%3A51%3A08+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=40275198&u=63de4b1b-9dcc-4f3a-96ec-a14d56acbe51
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.187.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-20-187-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:09 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ Frame 9131 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
8249
pragma
no-cache
cache-control
no-cache
origin
https://www.tomshardware.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
accept-encoding
gzip, deflate, br
cookie
fr=0p9uphC0EBtL6CXSb..BdevYM...1.0.BdevYM.
Origin
https://www.tomshardware.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.tomshardware.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Fri, 13 Sep 2019 01:51:08 GMT
cs.js
sb.scorecardresearch.com/c2/6257622/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/6257622/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-BPDQ&l=gtmDataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Mon, 16 Sep 2019 01:51:10 GMT
i.js
tag.bounceexchange.com/640/
Redirect Chain
  • https://bounceexchange.com/bounce/i.js?client_id=640
  • https://tag.bounceexchange.com/640/i.js
17 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/640/i.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.92.63 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
63.92.190.35.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
8f93ad06d77ee835bc214715e44cb53563ad0d35b16b9da186d6abeb4a430c6a

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:09 GMT
via
1.1 google
server
fasthttp
content-type
text/plain; charset=utf-8
status
200
cache-control
no-cache, must-revalidate
x-region
europe-west3
alt-svc
clear
content-length
17

Redirect headers

date
Fri, 13 Sep 2019 01:51:09 GMT
via
1.1 google
server
nginx
status
301
content-type
text/html
location
https://tag.bounceexchange.com/640/i.js
alt-svc
clear
content-length
162
merchant-domains.php
search-api.fie.future.net.uk/ 		122 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://search-api.fie.future.net.uk/merchant-domains.php?site=TOMSHARDWARE
Requested by
Host: gizmos.future-price.co.uk
URL: https://gizmos.future-price.co.uk/hl/hawklinks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.54 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif09.web.future.net.uk
Software
/
Resource Hash
600a12564b0e940e8f2ea7979d43566795d7f3d02d884c0b02549edf1fe431d7

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:31:18 GMT
Content-Encoding
gzip
X-Hawk-Country
Age
1190
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-api
X-FTR-Cache-Status
HIT
Content-Length
26706
X-FTR-Expires
Fri, 13 Sep 2019 01:51:18 GMT
X-FTR-Balancer
hawkproxyprodred
X-FTR-Request-ID
00000000:9CEC_00000000:01BB_5D7AF60D_16297FE:6539
X-Country-Code-Real
NL
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8;
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=300,public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
Expires
Fri, 13 Sep 2019 01:56:09 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=2&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDACEAjB~&jid=&gjid=&cid=2008756636.1568339468&tid=UA-87763359-6&_gid=711847519.1568339468&z=681245422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805826
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adhZ29hb2AxXlxrVmpga1xWYWo2bTQoe1haWmZsZWtWYFs0KScne1hZZzRdWGNqXHtpXF1caWlcaTR7alxqamBmZVZpXF1caWlcaTR7alxqamBmZVZkXGpqWF5cVlpmbGVrNCd7YW00KSUnJSgnMC97WltaNG5gZVtmbiVWamdWJWRqXiVWYGVrXGllWGMlWltaKH...
iris.tomshardware.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iris.tomshardware.com/adhZ29hb2AxXlxrVmpga1xWYWo2bTQoe1haWmZsZWtWYFs0KScne1hZZzRdWGNqXHtpXF1caWlcaTR7alxqamBmZVZpXF1caWlcaTR7alxqamBmZVZkXGpqWF5cVlpmbGVrNCd7YW00KSUnJSgnMC97WltaNG5gZVtmbiVWamdWJWRqXiVWYGVrXGllWGMlWltaKHtfaVxdNF9ra2dqeio4eik9eik9bm5uJWtmZGpfWGlbblhpXCVaZmR6KT1lXG5qeik9ZGBaaWZqZl1rJGdfYGpfYGVeJFpYZGdYYF5lJFpYZ2taX1gkalpYZWVcaWokalxabGlga3B6KTorJyouMCVfa2Rj
Requested by
Host: pixel.servebom.com
URL: https://pixel.servebom.com/serve_cdn/iris/iris.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.148.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-148-50.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
69dc8ec1b6a3712f9e262228d8f23e8a274f46277f86ab84d44eafbbe5e8b711

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:09 GMT
x-sp-mms-node
mms-ayt.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
application/javascript
status
200
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
expires
Sat, 15 Nov 2008 16:00:00 GMT
bcn
www.summerhamster.com/ 		43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.summerhamster.com/bcn?fe=1568339469288&y=2.0.1098&elg=50357525&flg=200&x=zzz.wrpvkdugzduh.frp%2Fqhzv%2Fplfurvriw-sklvklqj-fdpsdljq-fdswfkd-vfdqqhuv-vhfxulwb%2C40379.kwpo&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fhdkabumkc%2Flhixukyvp%2Fuukpail%2Fcfityjl%2F%3Brug%3D1568339468031%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Aquiv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.51.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-51-75.eu-central-1.compute.amazonaws.com
Software
Jetty(9.2.10.v20150310) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 13 Sep 2019 01:51:09 GMT
server
Jetty(9.2.10.v20150310)
access-control-allow-origin
*
content-length
43
access-control-allow-methods
*
content-type
image/gif
/
r.skimresources.com/api/ 		106 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?persistence=1&xguid=01BT2SNRZKMTD96W8181AS0KKC&data={%22pubcode%22:%2292X1584492%22,%22domains%22:[%22%22,%22tomsguide.com%22,%22tomshardware.com%22,%22laptopmag.com%22,%22toptenreviews.com%22,%22anandtech.com%22,%22cofense.com%22,%22tomshardware.co.uk%22,%22tomshw.it%22,%22tomshardware.fr%22,%22thg.ru%22,%22tomshardware.de%22,%22purch.com%22,%22enveritasgroup.com%22,%22livescience.com%22,%22space.com%22,%22newsarama.com%22,%22facebook.com%22,%22instagram.com%22,%22twitter.com%22],%22page%22:%22https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html%22}&checksum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by
Host: gizmos.future-price.co.uk
URL: https://gizmos.future-price.co.uk/hl/hawklinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
48e3ec45fff69e67d37c72e1722ff006b48a0207dbb5fbd47a4a1179e60e8611
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.tomshardware.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
event.js
ramp.purch.com/ 		0
147 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ramp.purch.com/event.js?t=AB&id=0&pvid=0&bid=&cp=0&bdrid=&crid=&ad=&r=783&l=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.193.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-171-193-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 13 Sep 2019 01:51:10 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
content-type
application/x-javascript
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
loader.js
cdn.taboola.com/libtrc/futureplc-network/ 		263 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/futureplc-network/loader.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ab28da027832af62f6d12c3338caae7d534ebbafffdf9b77bcf8a828ed834aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
VneTuxlaULhtT4HaFuOkzT4vaV7OlHyh
content-encoding
gzip
etag
"49117c19f9f00b8750d7a313dd54a167"
age
36
x-cache
HIT
status
200
content-length
30625
x-amz-id-2
WfBXZ/MQsLgaCtu6vPuDfdnXtMKi0ecOVjCol1ULilksUB7KpAackf7xXJJZMZn92yzAKTsqjAA=
x-served-by
cache-fra19173-FRA
last-modified
Wed, 11 Sep 2019 15:05:42 GMT
server
AmazonS3
x-timer
S1568339470.118979,VS0,VE1
date
Fri, 13 Sep 2019 01:51:10 GMT
vary
Accept-Encoding
x-amz-request-id
1596DC6C7EF7B98A
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
99
x-cache-hits
1
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad%20block&ea=Blocker%20Present&el=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&_u=aHDACEAjB~&jid=&gjid=&cid=2008756636.1568339468&tid=UA-72111741-12&_gid=711847519.1568339468&gtm=2wg941BPDQ&cd1=NewsPage&cd2=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20&cd4=Editorial&cd5=thus%3Aedt%3A1-40379%3AHackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign%20%3A1&cd6=Non%20Member&cd7=Tom%27s%20Hardware%20EN&cd8=&cd9=6.0.0-412&cd12=Microsoft%7CSecurity&cd13=Security&cd14=thus%3Aen_US_18_News_40379&cd15=News&cd16=Lucian%20Armasu&cd17=September%2011%2C%202019%20at%2011%3A52%20AM&cd37=2008756636.1568339468&z=2099835556
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805827
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
impl.20190911-24-RELEASE.js
cdn.taboola.com/libtrc/ 		393 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/futureplc-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
Blzyav7I7Fqr90naydKIw6WeS8AJ8pk2
content-encoding
gzip
etag
"46435c29fa55e5bb182a8089f8899af1"
age
30
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
113770
x-amz-id-2
FELoEKgaI/DrtIDrmVjST3PIPcoUFhciEGdu/rHoHou0MDpgtmL4Ttd8JmZIRzxAIZmtMmi1cm0=
x-served-by
cache-fra19173-FRA
last-modified
Wed, 11 Sep 2019 13:41:59 GMT
server
AmazonS3
x-timer
S1568339470.175961,VS0,VE0
date
Fri, 13 Sep 2019 01:51:10 GMT
vary
Accept-Encoding
x-amz-request-id
7C1E695CC51D6438
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
16
x-cache-hits
15
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/futureplc-network/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Sat, 14 Sep 2019 01:51:10 GMT
index.html
ws.sharethis.com/secure/ Frame A8D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.86.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-86-25.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash

Request headers

Host
ws.sharethis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Accept-Encoding
gzip, deflate, br
Cookie
__stid=ZGYABV169gwAAAASVdpxAw==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html

Response headers

Content-Encoding
gzip
Content-Type
text/html
ETag
W/"5d729840-1ade"
Last-Modified
Fri, 06 Sep 2019 17:32:48 GMT
Server
nginx/1.12.2
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow
Content-Length
2090
Date
Fri, 13 Sep 2019 01:51:10 GMT
Connection
keep-alive
b
sb.scorecardresearch.com/ 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568339470274&ns_c=UTF-8&cv=3.1e&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Sep 2019 01:51:10 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
webPushAnalytics
onesignal.com/ Frame BB94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/webPushAnalytics
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onesignal.com
:scheme
https
:path
/webPushAnalytics
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
accept-encoding
gzip, deflate, br
cookie
__cfduid=dab2432ada89204533594fecc5028e9731568339467
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html

Response headers

status
200
date
Fri, 13 Sep 2019 01:51:10 GMT
content-type
text/html
last-modified
Thu, 12 Sep 2019 23:22:40 GMT
cf-cache-status
HIT
age
3081
expires
Fri, 13 Sep 2019 02:51:10 GMT
cache-control
public, max-age=3600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5156797abf448c86-VIE
content-encoding
gzip
/
srv-2019-09-13-01.pixel.parsely.com/plogger/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2019-09-13-01.pixel.parsely.com/plogger/?rand=1568339479288&plid=74992429&idsite=tomshardware.com&url=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22769d455b-c43b-476b-914c-4ed7c433d3cd%22%2C%22parsely_site_uuid%22%3A%2263de4b1b-9dcc-4f3a-96ec-a14d56acbe51%22%7D&sid=1&surl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&sref=&sts=1568339479288&slts=0&date=Fri+Sep+13+2019+03%3A51%3A19+GMT%2B0200+(Central+European+Summer+Time)&action=heartbeat&inc=5&tt=4900&pvid=40275198&u=63de4b1b-9dcc-4f3a-96ec-a14d56acbe51
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.187.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-20-187-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:10 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Purch object| obfCssMap string| k object| dataLayer object| gtmDataLayer function| requirejs function| require function| define object| errPool function| domInteractive object| tmntag function| gdprInlineTemplate object| _sp_ object| cs_cmd function| consentCallback string| hawk_links_selector string| hawk_links_tsid string| hawk_links_skimlinks string| hawk_links_ga_container_id object| hawkWebpackJsonP object| regeneratorRuntime string| GoogleAnalyticsObject function| ga object| tmnramp string| TMNRAAS_VERSION function| tmntag_raascallback object| baseObj function| tmntag_ready_2 object| $head object| $target string| position function| refreshWidget function| widgetTrackReviewUrl function| widgetTrackShoppingBtn function| widgetTrackImpression function| widgetTrackFallback function| widgetTrackVisibility object| google_tag_manager object| __core-js_shared__ function| setImmediate function| clearImmediate function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm function| trackScroll function| stringToArray object| inputValues object| nielsenImg object| nielsenUrl function| fbq function| _fbq object| parselyDiv object| spanElement object| script undefined| scriptContent function| clickEventToAnalytics function| fbSubscribe object| twttr function| fbAsyncInit function| OneSignal function| $ function| jQuery boolean| gdprUser function| tmntag_videoBeforePlayListItem string| TMNAPI_VERSION string| TMNTAG_VERSION string| TMNTAGVIDEOREFRESH_VERSION number| PREBID_TIMEOUT object| googletag function| tmntag_getAdUnitTiming string| defuuid function| __cmp function| tmntag_ready function| tmntag_getAdUnit function| tmntag_isArray function| tmntag_getAdunitFromCache function| tmntag_registerMouseOver function| tmntag_inlineMarkup function| tmntag_defineSlot function| tmntag_defineAdUnit function| tmntag_topLocation boolean| tmntag_gptloaded object| tmntag_callbacks boolean| tmntag_initialLoadDisabled boolean| tmntag_initialLoadDisabledMode object| tmntagCache object| tmntagDisplayed function| tmntag_filterAdUnitsByIds function| tmntag_formateMacromapList function| tmntag_serializeState function| tmntag_redirect function| tmntag_triggerEvent function| tmntag_disableAdunit function| tmntag_enableAdunit function| tmntag_xhrGet boolean| tmntag_executingStart function| tmntag_passback function| tmntag_render function| MultipleIncontent function| tmntag_onAdTagReady function| tmntag_waitForCMP object| userSyncPixels function| purch_history function| purch_history_onNewPage function| tmntag_processTmntagResponse object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| one_signal_start boolean| popover_allowed object| gtmdl object| onesignal_tag string| appIdHttp string| appIdHttps function| get_notification_label function| get_notification_time function| getPageCategory function| getPageTags function| isUserCategorySet function| updateUserPageViewCount function| updateUserTags undefined| onesignal_user_metadata function| getUserMetaData function| updateUserMetaData function| process_onesignal_id function| updateOneSignalUser function| updateCategoryCount string| sCookie number| __oneSignalSdkLoadCount function| __jp0 function| parcelRequire object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| PARSELY object| ParsleyConfig object| ParsleyExtend object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| geolocation object| optly object| optimizely number| hbType object| sharethis undefined| google_measure_js_timing object| hawk function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog string| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback string| typeName boolean| openWidget function| __cmpui string| baseURL object| e object| _taboola object| TRC object| _tblConsole undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcPurgeEventHandlers function| __trcJSONify function| __trcUnJSONify function| __trcGetMargins function| __trcAttachResize function| __trcDetachResize function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam object| params number| trc_debug_level string| trc_article_id object| TRCImpl function| udm_ object| ns_p object| COMSCORE string| messageSet

29 Cookies

Domain/Path Name / Value
.t.sharethis.com/ Name: pxcelPage_c010
Value: 0_7_1568339468894
.sharethis.com/ Name: __stid
Value: ZGYABV169gwAAAASVdpxAw==
.tomshardware.com/ Name: _parsely_visitor
Value: {%22id%22:%2263de4b1b-9dcc-4f3a-96ec-a14d56acbe51%22%2C%22session_count%22:1%2C%22last_session_ts%22:1568339468784}
.tomshardware.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html%22%2C%22sref%22:%22%22%2C%22sts%22:1568339468784%2C%22slts%22:0}
.tomshardware.com/ Name: _fbp
Value: fb.1.1568339468429.1957297182
.tomshardware.com/ Name: optimizelyBuckets
Value: %7B%7D
.tomshardware.com/ Name: optimizelyEndUserId
Value: oeu1568339468364r0.2000426081068345
.tomshardware.com/ Name: __unam
Value: 16cb764-16d28512019-7cfbe0d9-3
.tomshardware.com/ Name: optimizelySegments
Value: %7B%224792550843%22%3A%22false%22%2C%224792470866%22%3A%22gc%22%2C%224787470859%22%3A%22direct%22%7D
.tomshardware.com/ Name: _gat_UA-72111741-12
Value: 1
.tomshardware.com/ Name: _gat_hawkWidgetsAffiliate
Value: 1
www.tomshardware.com/ Name: _cmpQcif3pcsupported
Value: 1
.tomshardware.com/ Name: _dc_gtm_UA-72111741-12
Value: 1
.tomshardware.com/ Name: _gat_UA-3642902-30
Value: 1
.tomshardware.com/ Name: _dc_gtm_UA-3642902-1
Value: 1
.tomshardware.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
www.tomshardware.com/ Name: AWSELB
Value: EDF195731272FFDBC5733083E0E9AB761E003CE711D775FDEF9F09C771E31A0331CF6FC0F5717DAB7C93AA6E3444B4C3132B635C7ABA995F44C651405729A1F2CB2A1AA58A
.tomshardware.com/ Name: _ga
Value: GA1.2.2008756636.1568339468
.tomshardware.com/ Name: _dc_gtm_UA-3642902-8
Value: 1
www.tomshardware.com/ Name: cmp_choice
Value: quantcast
.tomshardware.com/ Name: _gid
Value: GA1.2.711847519.1568339468
www.tomshardware.com/ Name: __uzmd
Value: 1568339467
www.tomshardware.com/ Name: HawkUID
Value: 7456468dd065
.tomshardware.com/ Name: PURCHSESSID
Value: 3ap396j2d61mgmi80uh791mj40
www.tomshardware.com/ Name: __uzmb
Value: 1568339467
www.tomshardware.com/ Name: onesignal_shown
Value: 1
www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html Name: RAAS
Value: Device%3D%3ECOMPUTER%3A%3ACountry%3D%3ENLD
www.tomshardware.com/ Name: __uzma
Value: 5d7af60b5a7031.53586335
www.tomshardware.com/ Name: __uzmc
Value: 415171044589

9 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
parm undefined
console-api log URL: https://assets.purch.com/creative-templates/2.0.3-752/js/membership/OneSignal/LoadOneSignal.js(Line 86)
Message:
OneSignal: Getting User Metadata
console-api log URL: https://assets.purch.com/creative-templates/2.0.3-752/js/membership/OneSignal/LoadOneSignal.js(Line 150)
Message:
Onesignal:HTTPS init
console-api warning URL: https://static.quantcast.mgr.consensu.org/v25/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api log URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html(Line 1639)
Message:
-RAAS- 1.19 AB detected
console-api log (Line 4)
Message:
-RAMP TABOOLA- configs
console-api log (Line 4)
Message:
-RAMP TABOOLA- SELECTOR
console-api log (Line 6)
Message:
-RAMP TABOOLA- Instantiated on Computer in element: .taboola-anchor
console-api error URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706(Line 1)
Message:
TypeError: Cannot read property 'permission' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.servebom.com
adservice.google.com
adservice.google.de
assets.purch.com
audit.quantcast.mgr.consensu.org
bounceexchange.com
c.sharethis.mgr.consensu.org
cdn.onesignal.com
cdn.optimizely.com
cdn.taboola.com
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com
fonts.googleapis.com
fonts.gstatic.com
gizmos.future-price.co.uk
img.purch.com
iris.tomshardware.com
l.sharethis.com
onesignal.com
pixel.servebom.com
privacy.purch.com
quantcast.mgr.consensu.org
r.skimresources.com
ramp.purch.com
sb.scorecardresearch.com
search-api.fie.future.net.uk
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
srv-2019-09-13-01.config.parsely.com
srv-2019-09-13-01.pixel.parsely.com
ss.sharethis.com
static.quantcast.mgr.consensu.org
stats.g.doubleclick.net
t.sharethis.com
tag.bounceexchange.com
vendorlist.consensu.org
widgets.future-fie-assets.co.uk
widgets.future-fie.co.uk
ws.sharethis.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.summerhamster.com
www.tomshardware.com
104.109.80.105
104.111.214.103
104.111.219.119
13.35.253.27
13.35.254.37
151.101.14.2
151.139.128.10
172.217.16.198
18.196.132.129
184.31.86.25
185.113.25.52
185.113.25.53
185.113.25.54
2.16.186.243
205.185.216.42
216.58.210.2
23.77.209.151
2600:9000:2057:2400:9:46dc:4700:93a1
2600:9000:2057:3600:16:876:8540:93a1
2600:9000:2057:dc00:1:af78:4c0:93a1
2606:4700::6810:243f
2a00:1450:4001:819::2008
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c0c::9d
2a02:26f0:6c00:196::13b8
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.157.148.50
35.186.255.8
35.190.59.101
35.190.92.63
52.20.187.229
52.206.106.171
52.28.51.75
54.171.193.248
54.194.74.162
94.31.29.96
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa
0d2b3142732e81ca53c6b63f7beae965a3c0ce9ab8c518a728d9564f15015f0f
0d5a4c2bdbba3f1ed71f3f3141b434699ea99d152ab3cf2aef97f5eb80396b99
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1282da0b841df7e0c4af02c94a76f0bc5ecf17cb3784ad88e06f2a448c782531
149a13bb152bdd649d5d6f78bda48e878881481ad5ccac427233a2f404acfc82
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
16640aa38270a1fb624b741825d39997d8da464e0e9a667774584976c30fd7af
16cbe3c07a7de9d209f1605b1655bbfc5f49cd75c2cde656c5e827f81964db43
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d
176b9a1d199712ee7e61c666f8c68d28a8c8d4c29f11d2880132fba21fa4d8c2
1a1a430bba6a9609ca2ffcb4826dc4c86c21254f6de9ab3f94f2b4b3294857f0
206f9419d69ce8979a6524ab50a9645a45f3016158ed8414a996ff45f5da805b
224b4c4463a8a46413ccad3eb963dd475069ec38f8cc916c7f49d0b57fb384f6
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23fc25133ed072cdf7dae575213067b1da3c6843b2a0e489c8b7fc984c60ce6b
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2f1c3393e8efaa723487522a5381781265133bdcff11f528edc2e347f7751583
34aa72f0ee7d0f7fb82a77a24fcd27bafb2d114a49f0cfeff65961ff79a4d6ac
35a5d05ee61823d9c34f1ba4a27551b48cde871108ac3836633420f77524e491
386d182be945cbd6cfd6524d81debf17feceb212d25ea6f0171847cd06ce2af2
3bf0600760bc9486c9de52bbf516881e7f76c21acb45783f9a9a1fb70ceaaf39
3d3b320edeebe7003d76d523df6a7487fdd80866dd667c53a549c574cc0dc27c
3f737a07ba72eb4e7b19772b2693d9aa89616c381d5863826f98552f7ef2d6c7
422831f28f752b517f0fecea8e7c4a8417478495ea69faebbdd9916f86bc6af0
44a8cc852557efc3932219392fea946857dd28789b2537f42118cdd53c872b29
48dcebc5b39c5ab96d6372196c199dc5170d5614080a92516d0ac1313a722a7c
48e3ec45fff69e67d37c72e1722ff006b48a0207dbb5fbd47a4a1179e60e8611
4a175cbf7eca260f278807f80418cdf3127400f954eaff6c54d1fee746673c04
4bc2fd808fd0b182a5fc595baa84b9cb1407b82265f2d8d38ae84fd1c3d9989a
5c4438c3927fabe06de4d069236da188996cab73ded5bd52e9ec16f127d75329
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
600a12564b0e940e8f2ea7979d43566795d7f3d02d884c0b02549edf1fe431d7
60c9efa39b02d58f131a535be880e6a54ed664f7711fd1e6fea0aeb0f9247e28
60cc830a1e5743074103f083093b41923ed2652dac412e569b00c5a67679771c
62558122cb407fe0278ed5fcd92c7f0f93aae00d7991961a6ad3e38200c69f22
631c26b84a24e3c0bb9b1886bf9a5f6be607c6b98c44bd301f30ed3f753f71be
6490a25d62798071f40cb1c72bf6db2ffd03c6572a7653615e0d5bd3c683abef
65940d609958b09ab6c5fed5fc18b90143bfa39d650ae10251603787676656b5
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
69dc8ec1b6a3712f9e262228d8f23e8a274f46277f86ab84d44eafbbe5e8b711
6ab28da027832af62f6d12c3338caae7d534ebbafffdf9b77bcf8a828ed834aa
6cd808314ced5a7419ba34788d3fef04b04698026ec6f183bdf93897ca2712b0
6d9f8e8b6aa67b032486a09048c53d52aad703493ff6d51042397815486920f0
6ee8af51d889c4224423b02e1ae948888c2e7091f771d3f91a9040141ef18779
7189417a2ee7d987f89e9f1342e53b2d6dd60309a745cfc86fccb2ca325ca597
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
74f245bbd5da458a273f6508a3b192687d7a0beb286a03d6a3fa772f4a1c89d8
764262648df23049f6c23fe89dc20106a96c4624412a8ad20ec54bb7bbae6c6e
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
78c372f8aece809225131a8fe9f7b117cf1675c07bcaade16598740bac0ed36c
78d1b618a357028c70301b9ca6cac82092ceeb2303002b4fc09e687709acfb28
7987950cdf446ddda468d2fd6a46006227b7841a4b1ea25c0db4000ed70743cb
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fb4018a1f96a54438701e6d9c42946d4f3b5460df241715b1a43b61dd80dd2b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f152d91909c9ba3818ab45b066a3622177359831a7cdb1be02c3436a557d0c
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8f93ad06d77ee835bc214715e44cb53563ad0d35b16b9da186d6abeb4a430c6a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9f4cc0c86b965baad53b82a8566ec251a701342a6b78928133c29b352ecfebfb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a376bc6ff07faee0754e594bb41a34466e187ec5673bcaddcc5fd59eed7653f4
a564a1d1c9186ad0edcadc1e4481e0b88bef7147eb14e16dab97a9921b007d96
a622a5492869d06cb5c9500a86fbd7d7d4b76c7519bb4f5c6235f3ba52223507
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b9eeb4da7c625d63440d1d45c50fe41da6e8326d24f23cf334c1b40319858e64
c26fd569cbff7c7b33fe25517c92338cf7fee0beacb4fb93a55885eb506f01d5
c34bd8633143a8b6a54b1cea34c82419540158471decbc97928cb2e7fc7a4fa9
c9771d548db7e6445dfc67875644b5d1bf87de68364b9ae80b2845dfd061c65c
cae34ef8e36cde06155510274dcf2a06c2e11d5c252588455fa93066834431aa
cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3
ccef0d063eddfebff1c3cfe89cf135fcc55f752970d967e74d72d07c4c363031
cd29d21893314080ddcd81e3e020256dc96eaffaa620e701abacffa9cf1bdd9b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d55b88b0305bebb929f89e32e32586f56dbddc76ff574c9344d54d3de83522
d509bad38fcc454fa9da342c86c084a90b3eb2c82539801ad4f17631abe10924
d9959114d1f11cd1dcd2085649949381a5fb3398833588c1c65f4378d3da8160
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dddb68e62a4aa1aab7e92f729fd320b051494e49ca154fb9a3e2fbde62b3ae96
e0b29c74fd1c956b96b04e07bd9b2bdea2a7ad70a16697c757e50d92fc883e0e
e2dcada15e4aca09547e8dd2ea5a7669c4939825ef015cfb031dbcd17f34133f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63c91fd21a12a3c9aa4a20f05426ab3a4586b4f0dd01d6d992b9a7893afb453
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ed11dfd27129fc739b1709298fe85b8b65e9e65c793eccfacb4e4790b1446b3a
ee9ebe8643a5e16dc15925347a5b75a474bbec4c97fb9a403cf7ab92eb4fc28a
f45147a3a0824caa7bdbb3d05965136fd6951882e9ea46a70e99e5683b2b1f6c
f50533285b2d6fff1ad502048c882b3ca8a81db2daf0afbda8e00f9ce9af25c4
f62e68af363b20ccb4468412e0e27736917c32223a1a2081d144c83f603b9720
fc3baa224d4dc34de742869911ab42aa2c9d682b26e4f5b11457f79e5c536107
fd7effee6b55c00ccd8e55aad7c7b70044464e07ec245e0407bf382137787582