URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Submission: On September 13 via manual from MO

Summary

This website contacted 41 IPs in 7 countries across 30 domains to perform 122 HTTP transactions.
The main IP is 104.111.219.119, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.tomshardware.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 16th 2019. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
44 104.111.219.119 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.139.128.10 20446 (HIGHWINDS3)
1 185.113.25.52 20596 (FUTURE)
2 185.113.25.53 20596 (FUTURE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (HIGHWINDS3)
3 23.77.209.151 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.198 15169 (GOOGLE)
4 184.31.86.25 20940 (AKAMAI-ASN1)
1 2600:9000:205... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 13.35.254.37 16509 (AMAZON-02)
1 5 104.111.214.103 16625 (AKAMAI-AS)
1 2 54.194.74.162 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.210.2 15169 (GOOGLE)
1 52.206.106.171 14618 (AMAZON-AES)
1 2.16.186.243 20940 (AKAMAI-ASN1)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2600:9000:205... 16509 (AMAZON-02)
2 13.35.253.27 16509 (AMAZON-02)
1 94.31.29.96 33438 (HIGHWINDS2)
1 2 18.196.132.129 16509 (AMAZON-02)
2 104.109.80.105 20940 (AKAMAI-ASN1)
2 52.20.187.229 14618 (AMAZON-AES)
1 1 35.186.255.8 15169 (GOOGLE)
1 35.190.92.63 15169 (GOOGLE)
1 185.113.25.54 20596 (FUTURE)
1 35.157.148.50 16509 (AMAZON-02)
1 52.28.51.75 16509 (AMAZON-02)
1 35.190.59.101 15169 (GOOGLE)
1 54.171.193.248 16509 (AMAZON-02)
2 151.101.14.2 54113 (FASTLY)
122 41
Domain
Subdomains
Transfer
37 tomshardware.com
282 KB
13 google-analytics.com
20 KB
12 purch.com
69 KB
9 sharethis.com
46 KB
7 consensu.org
117 KB
6 doubleclick.net
60 KB
5 scorecardresearch.com
3 KB
4 onesignal.com
60 KB
3 parsely.com
1 KB
3 facebook.net
120 KB
3 gstatic.com
41 KB
2 taboola.com
142 KB
2 bounceexchange.com
287 B
2 facebook.com
324 B
2 imrworldwide.com
844 B
2 d1z2jf7jlzjs58.cloudfront.net
18 KB
2 servebom.com
97 KB
1 skimresources.com
366 B
1 summerhamster.com
181 B
1 future.net.uk
27 KB
1 netdna-ssl.com
15 KB
1 google.com
171 B
1 google.de
171 B
1 future-fie.co.uk
7 KB
1 googletagservices.com
12 KB
1 optimizely.com
39 KB
1 googletagmanager.com
38 KB
1 future-price.co.uk
43 KB
1 future-fie-assets.co.uk
19 KB
1 fonts.googleapis.com
705 B
122 30
Domain Requested by
36 www.tomshardware.com www.tomshardware.com
13 www.google-analytics.com 1 redirects widgets.future-fie-assets.co.uk
www.google-analytics.com
www.tomshardware.com
6 assets.purch.com www.tomshardware.com
assets.purch.com
5 sb.scorecardresearch.com 1 redirects www.tomshardware.com
www.googletagmanager.com
cdn.taboola.com
4 stats.g.doubleclick.net www.tomshardware.com
4 ws.sharethis.com www.tomshardware.com
ws.sharethis.com
3 connect.facebook.net www.tomshardware.com
connect.facebook.net
3 fonts.gstatic.com www.tomshardware.com
3 privacy.purch.com www.tomshardware.com
2 cdn.taboola.com www.tomshardware.com
cdn.taboola.com
2 srv-2019-09-13-01.pixel.parsely.com www.tomshardware.com
2 t.sharethis.com ws.sharethis.com
t.sharethis.com
2 l.sharethis.com 1 redirects www.tomshardware.com
2 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
2 www.facebook.com www.tomshardware.com
connect.facebook.net
2 img.purch.com www.tomshardware.com
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 onesignal.com cdn.onesignal.com
2 secure-us.imrworldwide.com 1 redirects www.tomshardware.com
2 d1z2jf7jlzjs58.cloudfront.net www.tomshardware.com
d1z2jf7jlzjs58.cloudfront.net
2 cdn.onesignal.com www.tomshardware.com
cdn.onesignal.com
1 ramp.purch.com www.tomshardware.com
1 r.skimresources.com gizmos.future-price.co.uk
1 www.summerhamster.com
1 iris.tomshardware.com pixel.servebom.com
1 search-api.fie.future.net.uk gizmos.future-price.co.uk
1 tag.bounceexchange.com
1 bounceexchange.com 1 redirects
1 dg876rejmw3ebkm51boa0sx2-wpengine.netdna-ssl.com www.tomshardware.com
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 c.sharethis.mgr.consensu.org ws.sharethis.com
1 srv-2019-09-13-01.config.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 securepubads.g.doubleclick.net www.googletagservices.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 widgets.future-fie.co.uk widgets.future-fie-assets.co.uk
1 www.googletagservices.com ads.servebom.com
1 quantcast.mgr.consensu.org ads.servebom.com
1 cdn.optimizely.com www.tomshardware.com
1 ss.sharethis.com www.tomshardware.com
1 ad.doubleclick.net www.tomshardware.com
1 ads.servebom.com www.tomshardware.com
1 www.googletagmanager.com www.tomshardware.com
1 gizmos.future-price.co.uk www.tomshardware.com
1 widgets.future-fie-assets.co.uk www.tomshardware.com
1 pixel.servebom.com www.tomshardware.com
1 fonts.googleapis.com www.tomshardware.com
122 47
Subject / Issuer Validity Valid
www.purch.com
DigiCert SHA2 Secure Server CA
2019-05-16 -
2020-05-15
a year
*.googleapis.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
pixel.servebom.com
Sectigo RSA Domain Validation Secure Server CA
2019-08-13 -
2019-11-11
3 months
future-fie-assets.co.uk
Let's Encrypt Authority X3
2019-08-14 -
2019-11-12
3 months
future-price.co.uk
Let's Encrypt Authority X3
2019-07-27 -
2019-10-25
3 months
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-07-02 -
2020-01-08
6 months
*.google-analytics.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
ads.servebom.com
DigiCert SHA2 High Assurance Server CA
2018-10-02 -
2020-10-06
2 years
*.google.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.sharethis.com
DigiCert SHA2 Secure Server CA
2018-12-16 -
2020-03-16
a year
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA
2018-11-28 -
2019-12-26
a year
*.imrworldwide.com
DigiCert SHA2 Secure Server CA
2019-02-25 -
2020-02-25
a year
cdn.optimizely.com
DigiCert ECC Secure Server CA
2018-11-24 -
2020-02-23
a year
quantcast.mgr.consensu.org
Amazon
2019-05-06 -
2020-06-06
a year
*.g.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
future-fie.co.uk
Let's Encrypt Authority X3
2019-07-27 -
2019-10-25
3 months
*.config.parsely.com
Amazon
2019-02-27 -
2020-03-27
a year
*.sharethis.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2019-07-18 -
2020-10-16
a year
vendorlist.consensu.org
Amazon
2019-03-06 -
2020-04-06
a year
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-18 -
2020-02-27
a year
cert1.a1.atm.aqfer.net
Let's Encrypt Authority X3
2019-08-01 -
2019-10-30
3 months
*.pixel.parsely.com
Amazon
2019-02-27 -
2020-03-27
a year
tag.bounceexchange.com
Let's Encrypt Authority X3
2019-08-25 -
2019-11-23
3 months
search-api.fie.future.net.uk
Let's Encrypt Authority X3
2019-07-13 -
2019-10-11
3 months
iris.anandtech.com
Let's Encrypt Authority X3
2019-08-09 -
2019-11-07
3 months
*.summerhamster.com
Let's Encrypt Authority X3
2019-07-23 -
2019-10-21
3 months
*.skimresources.com
DigiCert SHA2 Secure Server CA
2018-09-13 -
2020-10-07
2 years
*.purch.com
Amazon
2019-03-01 -
2020-04-01
a year
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-07-30 -
2020-07-25
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

122 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
microsoft-phishing-campaign-captcha-scanners-security,40379.html
/news
133 KB
33 KB
Document
General
Full URL
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c9771d548db7e6445dfc67875644b5d1bf87de68364b9ae80b2845dfd061c65c

Request headers

:method
GET
:authority
www.tomshardware.com
:scheme
https
:path
/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
server
nginx
content-type
text/html; charset=UTF-8
set-cookie
PURCHSESSID=3ap396j2d61mgmi80uh791mj40; expires=Sun, 13-Oct-2019 12:20:12 GMT; Max-Age=2629746; path=/; domain=.tomshardware.com; HttpOnly AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D0B071B1BDD053669AE851D1A6C75C94717DAB7C93AA6E3444B4C3132B635C7ABA995F44C651405729A1F2CB2A1AA58A;PATH=/;MAX-AGE=600 RAAS=Device%3D%3ECOMPUTER%3A%3ACountry%3D%3ENLD; expires=Sat, 14-Sep-2019 01:51:07 GMT; Max-Age=86400; path=/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html csrf_token=eyJodHRwcy1jb21tZW50IjoiaWdBZ3N6M3ozVENMcm1sVTU5OTFXNXNucUlzbVBadzJUdmVxa1pMTFJrMCIsImh0dHBzLXRvcGljIjoiMGIxazF5X0MzU2lLRnFOVHNkSkxRUU9FV0wxTklHekY5WmhpeXBDSGxZbyJ9; expires=Sun, 13-Oct-2019 01:51:07 GMT; Max-Age=2592000; path=/; httponly csrf_token=deleted; expires=Thu, 13-Sep-2018 01:51:06 GMT; Max-Age=0; path=/; httponly AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D775FDEF9F09C771E31A0331CF6FC0F55DEC62E5F5B6D14AA1E1DDB7908F8F945C9121A0545190372D5AA8968BF94328;PATH=/;MAX-AGE=600 csrf_token=deleted; expires=Thu, 13-Sep-2018 01:51:06 GMT; Max-Age=0; path=/; httponly AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D0B071B1BDD053669AE851D1A6C75C94212C4DB370C7D982E815F941C5220CCDD57BD8732E824FAC9274EED6C9D01D65;PATH=/;MAX-AGE=600 __uzma=5d7af60b5a7031.53586335; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/ AWSELB=EDF195731272FFDBC5733083E0E9AB761E003CE711D775FDEF9F09C771E31A0331CF6FC0F5717DAB7C93AA6E3444B4C3132B635C7ABA995F44C651405729A1F2CB2A1AA58A;PATH=/;MAX-AGE=600 csrf_token=deleted; expires=Thu, 13-Sep-2018 01:51:06 GMT; Max-Age=0; path=/; httponly __uzmd=1568339467; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/ __uzmc=415171044589; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/ __uzmb=1568339467; expires=Mon, 10-Sep-2029 01:51:07 GMT; Max-Age=315360000; path=/
surrogate-control
content="ESI/1.0"
vary
Accept-Encoding
x-enhanced_privacy
1
content-encoding
gzip
expires
Fri, 13 Sep 2019 01:51:07 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 13 Sep 2019 01:51:07 GMT
content-length
32016
css?family=Oswald:700%7CLato:400,700,900
fonts.googleapis.com
4 KB
705 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
65940d609958b09ab6c5fed5fc18b90143bfa39d650ae10251603787676656b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 13 Sep 2019 01:51:07 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 13 Sep 2019 01:51:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:07 GMT
tomshardware-us-site.edito.document.news.css?6.0.0-412
/css/compiled/grunt
321 KB
71 KB
Stylesheet
General
Full URL
https://www.tomshardware.com/css/compiled/grunt/tomshardware-us-site.edito.document.news.css?6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
149a13bb152bdd649d5d6f78bda48e878881481ad5ccac427233a2f404acfc82

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:25:59 GMT
server
nginx
etag
W/"5d138e87-50296"
vary
Accept-Encoding
content-type
text/css
status
200
content-length
72654
require.js
/js/Purch
17 KB
7 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/require.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
60cc830a1e5743074103f083093b41923ed2652dac412e569b00c5a67679771c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:27:06 GMT
server
nginx
etag
W/"5d138eca-4507"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
7403
Adblocked iris.js
pixel.servebom.com/serve_cdn/iris
319 KB
68 KB
Script
General
Full URL
https://pixel.servebom.com/serve_cdn/iris/iris.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
422831f28f752b517f0fecea8e7c4a8417478495ea69faebbdd9916f86bc6af0
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Thu, 10 Jan 2019 22:27:24 GMT
etag
"1547159244"
x-hw
1568339467.cds016.fr8.hn,1568339467.cds081.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=60148
accept-ranges
bytes
content-length
68980
Adblocked tomshardware.js
widgets.future-fie-assets.co.uk/js/w
54 KB
19 KB
Script
General
Full URL
https://widgets.future-fie-assets.co.uk/js/w/tomshardware.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.52 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif13.web.future.net.uk
Software
/
Resource Hash
386d182be945cbd6cfd6524d81debf17feceb212d25ea6f0171847cd06ce2af2
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:35:26 GMT
Content-Encoding
gzip
X-Hawk-Country
Xkey
asset-type-fie-widgets
Age
941
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-assets
X-FTR-Cache-Status
HIT
Content-Length
18496
X-FTR-Expires
Fri, 13 Sep 2019 01:55:26 GMT
X-FTR-Balancer
hawk-proxy-185-113-25-40
X-FTR-Request-ID
00000000:C7E8_00000000:01BB_5D7AF60B_37D0C6:6F80
Last-Modified
Thu, 12 Sep 2019 15:39:22 GMT
X-Country-Code-Real
NL
ETag
"5d7a66aa-d912"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Expires
Fri, 13 Sep 2019 02:35:26 GMT
Adblocked hawklinks.js
gizmos.future-price.co.uk/hl
130 KB
43 KB
Script
General
Full URL
https://gizmos.future-price.co.uk/hl/hawklinks.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif10.web.future.net.uk
Software
/
Resource Hash
cd29d21893314080ddcd81e3e020256dc96eaffaa620e701abacffa9cf1bdd9b
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:44:27 GMT
Content-Encoding
gzip
X-Hawk-Country
Xkey
asset-type-fie-hawklinks
Age
400
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-assets
X-FTR-Cache-Status
HIT
Content-Length
43519
X-FTR-Expires
Fri, 13 Sep 2019 02:04:27 GMT
X-FTR-Balancer
hawkproxyprodblue
X-FTR-Request-ID
00000000:2478_00000000:01BB_5D7AF60B_4ADC73:0420
Last-Modified
Mon, 09 Sep 2019 17:29:51 GMT
X-Country-Code-Real
NL
ETag
"5d768c0f-20691"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-FTR-Backend-Server
fievarnishprodwhite
Cache-Control
max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Expires
Fri, 13 Sep 2019 02:44:27 GMT
Adblocked OneSignalSDK.js
cdn.onesignal.com/sdks
17 KB
6 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3061
etag
W/"73548930d8015a67a49758d8fe546f33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
515679697b9b8c86-VIE
expires
Fri, 13 Sep 2019 13:51:07 GMT
Adblocked LoadOneSignal.js
assets.purch.com/creative-templates/2.0.3-752/js/membership/OneSignal
10 KB
2 KB
Script
General
Full URL
https://assets.purch.com/creative-templates/2.0.3-752/js/membership/OneSignal/LoadOneSignal.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d9959114d1f11cd1dcd2085649949381a5fb3398833588c1c65f4378d3da8160
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
DE535E61BF578220
status
200
content-length
1804
x-amz-id-2
dnLl9DhdhWLdvfI8q5UFkx8xa+Arn/AAWrtW+/zwiFZtYJCmRrMDMu5GpHyLD/z862umYkO1FM0=
last-modified
Wed, 27 Feb 2019 00:02:06 GMT
server
Akamai Resource Optimizer
etag
"f64d13de179d8acb8c7d9f33e517deff"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=81834
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 14 Sep 2019 00:35:01 GMT
Adblocked gtm.js?id=GTM-BPDQ&l=gtmDataLayer
www.googletagmanager.com
164 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-BPDQ&l=gtmDataLayer
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78d1b618a357028c70301b9ca6cac82092ceeb2303002b4fc09e687709acfb28
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
br
last-modified
Fri, 13 Sep 2019 00:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
39085
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:07 GMT
Adblocked tmnhead.js
ads.servebom.com
100 KB
29 KB
Script
General
Full URL
https://ads.servebom.com/tmnhead.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e0b29c74fd1c956b96b04e07bd9b2bdea2a7ad70a16697c757e50d92fc883e0e
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
status
200
x-hw
1568339467.dop010.fr8.t,1568339467.cds015.fr8.hn,1568339467.cds027.fr8.c
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/x-javascript
content-length
29728
Adblocked 99e-892d65ee034b?callback=gdprEmailModal&fl=message
privacy.purch.com/consent_config
455 B
568 B
Script
General
Full URL
https://privacy.purch.com/consent_config/99e-892d65ee034b?callback=gdprEmailModal&fl=message
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.151 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-77-209-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
16640aa38270a1fb624b741825d39997d8da464e0e9a667774584976c30fd7af
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
content-length
284
Adblocked REVISION.js?t=1568339467713
assets.purch.com/loe/latest
1 KB
1 KB
Script
General
Full URL
https://assets.purch.com/loe/latest/REVISION.js?t=1568339467713
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
224b4c4463a8a46413ccad3eb963dd475069ec38f8cc916c7f49d0b57fb384f6
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
2DBFD31EB3A637F3
status
200
content-length
612
x-amz-id-2
yNjio3vu/9AOwLak3lBylhvXsTwO687rDkYWpNXggSZV7RGYa+x2slWWkhyVSrrV5cq1fSACkMk=
last-modified
Fri, 14 Sep 2018 19:20:33 GMT
server
AmazonS3
etag
"c9f54e17121dd00257eac34a3502d1ec"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 02:06:08 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 19:26:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1751084
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14044
x-xss-protection
0
expires
Sat, 22 Aug 2020 19:26:23 GMT
logos-webfont.woff?v=1.1
/medias/fonts
11 KB
11 KB
Font
General
Full URL
https://www.tomshardware.com/medias/fonts/logos-webfont.woff?v=1.1
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
60c9efa39b02d58f131a535be880e6a54ed664f7711fd1e6fea0aeb0f9247e28

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/css/compiled/grunt/tomshardware-us-site.edito.document.news.css?6.0.0-412
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
last-modified
Wed, 26 Jun 2019 15:24:20 GMT
server
nginx
etag
"5d138e24-2c10"
status
200
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
11280
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 19:34:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
800188
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14176
x-xss-protection
0
expires
Wed, 02 Sep 2020 19:34:39 GMT
Verified fontawesome-webfont.woff2?v=4.6.3
/medias/fonts
70 KB
70 KB
Font
General
Full URL
https://www.tomshardware.com/medias/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Verified resource
semantic-ui/2.2.2/themes/default/assets/fonts/icons.woff2 at cdnjs.com, project semantic-ui
font-awesome/4.6.3/fonts/fontawesome-webfont.woff2 at cdnjs.com, project font-awesome

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/css/compiled/grunt/tomshardware-us-site.edito.document.news.css?6.0.0-412
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
last-modified
Wed, 26 Jun 2019 15:24:20 GMT
server
nginx
etag
"5d138e24-118d8"
status
200
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
content-length
71896
Verified jquery.min.js?v=6.0.0-412
/js/vendor/jquery
82 KB
34 KB
Script
General
Full URL
https://www.tomshardware.com/js/vendor/jquery/jquery.min.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Verified resource
jquery/2.1.4/jquery.min.js at cdnjs.com, project jquery

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:43 GMT
server
nginx
etag
W/"5d138eb3-1499c"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
34440
Lazy.js?v=6.0.0-412
/js/Purch/Utils
5 KB
2 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/Lazy.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a175cbf7eca260f278807f80418cdf3127400f954eaff6c54d1fee746673c04

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-14e4"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1854
DelayedHover.js?v=6.0.0-412
/js/Purch/Utils
727 B
544 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/DelayedHover.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9f4cc0c86b965baad53b82a8566ec251a701342a6b78928133c29b352ecfebfb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-2d7"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
395
DecodeLive.js?v=6.0.0-412
/js/Purch/Link
814 B
597 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Link/DecodeLive.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
86f152d91909c9ba3818ab45b066a3622177359831a7cdb1be02c3436a557d0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:54 GMT
server
nginx
etag
W/"5d138ebe-32e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
448
data:truncated
data:truncated
442 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a622a5492869d06cb5c9500a86fbd7d7d4b76c7519bb4f5c6235f3ba52223507

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v24
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v24/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5a4c2bdbba3f1ed71f3f3141b434699ea99d152ab3cf2aef97f5eb80396b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Oswald:700|Lato:400,700,900
Origin
https://www.tomshardware.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 09:51:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:23 GMT
server
sffe
age
1180807
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
12992
x-xss-protection
0
expires
Sat, 29 Aug 2020 09:51:00 GMT
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: widgets.future-fie-assets.co.uk
URL: https://widgets.future-fie-assets.co.uk/js/w/tomshardware.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4055
date
Fri, 13 Sep 2019 00:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 13 Sep 2019 02:43:33 GMT
Adblocked ctAlertBox.js
assets.purch.com/creative-templates/latest/js/ctAlertBox
4 KB
2 KB
Script
General
Full URL
https://assets.purch.com/creative-templates/latest/js/ctAlertBox/ctAlertBox.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1a1a430bba6a9609ca2ffcb4826dc4c86c21254f6de9ab3f94f2b4b3294857f0
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
DFCE73F8F2F17954
status
200
content-length
1319
x-amz-id-2
u2wat6lifHva26QypaOnZC8hec1TABCvabVUO+a4zfQWMJWA3pqgmyYeOkMB/BobYJYcbD4kh+8=
last-modified
Tue, 23 Jul 2019 14:30:39 GMT
server
Akamai Resource Optimizer
etag
"6a66256a7888e61bcd9544ef9f15a119"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=11452
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 05:02:00 GMT
Adblocked 99e-892d65ee034b?callback=consentCallback&fl=message
privacy.purch.com/consent_config
456 B
567 B
Script
General
Full URL
https://privacy.purch.com/consent_config/99e-892d65ee034b?callback=consentCallback&fl=message
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.151 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-77-209-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a376bc6ff07faee0754e594bb41a34466e187ec5673bcaddcc5fd59eed7653f4
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
content-length
283
Adblocked 99e-892d65ee034b?callback=gdprInlineTemplate&fl=message
privacy.purch.com/consent_config
459 B
571 B
Script
General
Full URL
https://privacy.purch.com/consent_config/99e-892d65ee034b?callback=gdprInlineTemplate&fl=message
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.151 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-77-209-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6cd808314ced5a7419ba34788d3fef04b04698026ec6f183bdf93897ca2712b0
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0
content-security-policy
upgrade-insecure-requests
content-length
286
Adblocked ;ord=1568339468031?
ad.doubleclick.net/ddm/ad/eahxyrjhz/iefurhvsm/rrhmxfi/zcfqvgi
43 B
491 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/ad/eahxyrjhz/iefurhvsm/rrhmxfi/zcfqvgi/;ord=1568339468031?
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RaasOffer.js?v=6.0.0-412
/js/Purch/Utils
6 KB
2 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/RaasOffer.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f737a07ba72eb4e7b19772b2693d9aa89616c381d5863826f98552f7ef2d6c7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-16d7"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
2112
Sticky.js?v=6.0.0-412
/js/Purch/UI
588 B
437 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/Sticky.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a564a1d1c9186ad0edcadc1e4481e0b88bef7147eb14e16dab97a9921b007d96

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-24c"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
288
Zoom.js?v=6.0.0-412
/js/Purch/UI
2 KB
1 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/Zoom.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e63c91fd21a12a3c9aa4a20f05426ab3a4586b4f0dd01d6d992b9a7893afb453

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-88a"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
939
ResponsiveTableSlideshow.js?v=6.0.0-412
/js/Purch/Edito
909 B
594 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Edito/ResponsiveTableSlideshow.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7987950cdf446ddda468d2fd6a46006227b7841a4b1ea25c0db4000ed70743cb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-38d"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
445
ResponsiveTableVertical.js?v=6.0.0-412
/js/Purch/Edito
1 KB
702 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Edito/ResponsiveTableVertical.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f62e68af363b20ccb4468412e0e27736917c32223a1a2081d144c83f603b9720

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-450"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
553
ScrollProgressBar.js?v=6.0.0-412
/js/Purch/UI
783 B
536 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/ScrollProgressBar.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62558122cb407fe0278ed5fcd92c7f0f93aae00d7991961a6ad3e38200c69f22

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-30f"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
387
News.js?v=6.0.0-412
/js/Purch/Edito
3 KB
1 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Edito/News.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7fb4018a1f96a54438701e6d9c42946d4f3b5460df241715b1a43b61dd80dd2b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-b8b"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1350
AlbumCss.js?v=6.0.0-412
/js/Purch/UI
830 B
605 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/AlbumCss.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d2b3142732e81ca53c6b63f7beae965a3c0ce9ab8c518a728d9564f15015f0f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:54 GMT
server
nginx
etag
W/"5d138ebe-33e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
456
ExtendedTabs.js?v=6.0.0-412
/js/Purch/UI
894 B
566 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/ExtendedTabs.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2f1c3393e8efaa723487522a5381781265133bdcff11f528edc2e347f7751583

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-37e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
417
CreateTopicForm.js?v=6.0.0-412
/js/Purch/Comments
2 KB
855 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Comments/CreateTopicForm.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
74f245bbd5da458a273f6508a3b192687d7a0beb286a03d6a3fa772f4a1c89d8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-7b1"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
706
CreateForm.js?v=6.0.0-412
/js/Purch/Comments
2 KB
1 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Comments/CreateForm.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3d3b320edeebe7003d76d523df6a7487fdd80866dd667c53a549c574cc0dc27c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-7ed"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
897
Pagination.js?v=6.0.0-412
/js/Purch/Comments
1 KB
789 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Comments/Pagination.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c4438c3927fabe06de4d069236da188996cab73ded5bd52e9ec16f127d75329

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-533"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
640
Expand.js?v=6.0.0-412
/js/Purch/Comments
1 KB
685 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Comments/Expand.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee9ebe8643a5e16dc15925347a5b75a474bbec4c97fb9a403cf7ab92eb4fc28a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-418"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
536
HideUselessTogglers.js?v=6.0.0-412
/js/Purch/UI
1 KB
685 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/HideUselessTogglers.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cae34ef8e36cde06155510274dcf2a06c2e11d5c252588455fa93066834431aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-55d"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
536
ResizableTextarea.js?v=6.0.0-412
/js/Purch/Comments
800 B
583 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Comments/ResizableTextarea.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7189417a2ee7d987f89e9f1342e53b2d6dd60309a745cfc86fccb2ca325ca597

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-320"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
434
ArchiveForm.js?v=6.0.0-412
/js/Purch/Comments
1 KB
655 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Comments/ArchiveForm.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e2dcada15e4aca09547e8dd2ea5a7669c4939825ef015cfb031dbcd17f34133f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-410"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
506
InlineSignin.js?v=6.0.0-412
/js/Purch/User
3 KB
1 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/User/InlineSignin.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3bf0600760bc9486c9de52bbf516881e7f76c21acb45783f9a9a1fb70ceaaf39

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-a6e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1162
Adblocked buttons.js
ws.sharethis.com/button
55 KB
16 KB
Script
General
Full URL
https://ws.sharethis.com/button/buttons.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.86.25 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-86-25.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
ccef0d063eddfebff1c3cfe89cf135fcc55f752970d967e74d72d07c4c363031
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:51:08 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
W/"5d72980e-ddb6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=218376
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
15777
Expires
Sun, 15 Sep 2019 14:30:44 GMT
Adblocked loader.js
ss.sharethis.com
19 KB
5 KB
Script
General
Full URL
https://ss.sharethis.com/loader.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:3600:16:876:8540:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65b86fc12f3832f3046d33dca119811267d118182b6e504d3862d8556e3cc71b
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:44:02 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 17:22:04 GMT
server
AmazonS3
age
566
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
55Xg2qcUVC4Pyw8QP5_Al23dfFFDxfx7sViSWsutH65PThCXMd3-6A==
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
Adblocked fbevents.js
connect.facebook.net/en_US
121 KB
32 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
I/e0lt/ohKLuKKE9UBMT9ps/0/JqlvDgufxWGgYpichpJ+K/T3p+5FPUN1KCG0IgQWXXRCk3RpUDMPXQsqXS7Q==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 13 Sep 2019 01:51:08 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked REVISION.js?t=1568339468099
assets.purch.com/loe/latest
1 KB
1 KB
Script
General
Full URL
https://assets.purch.com/loe/latest/REVISION.js?t=1568339468099
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
224b4c4463a8a46413ccad3eb963dd475069ec38f8cc916c7f49d0b57fb384f6
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
0D993E3A38B649A2
status
200
content-length
612
x-amz-id-2
CIqopilkZIbprmnSm7wI/2IhpL0HPRKW6Zr09w6hbBrqFixvJezVMXxR7iLkurtVHnU//D8vHb0=
last-modified
Fri, 14 Sep 2018 19:20:33 GMT
server
AmazonS3
etag
"c9f54e17121dd00257eac34a3502d1ec"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 02:06:08 GMT
Adblocked p.js
d1z2jf7jlzjs58.cloudfront.net
6 KB
3 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-37.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 00:42:06 GMT
Content-Encoding
gzip
Age
4142
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
ETag
"53191693-19c1"
Content-Type
application/x-javascript
Via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
7kPKpLi8dUAV0H50g1m_6AMwf2Q8jM3OQ0DJaX6ayNherSbkJMx31Q==
Expires
Sat, 14 Sep 2019 00:42:06 GMT
Adblocked b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-s...
sb.scorecardresearch.com
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicro...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicr...
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9=
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Sep 2019 01:51:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6257622&ns__t=1568339468094&ns_c=UTF-8&c8=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&c7=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&c9=
Pragma
no-cache
Date
Fri, 13 Sep 2019 01:51:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Adblocked microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098&ja=1
secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news
Redirect Chain
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=156...
  • https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=156...
44 B
332 B
Image
General
Full URL
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098&ja=1
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.74.162 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-74-162.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
server
nginx
status
200
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
server
nginx
status
302
location
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-205589h&cg=0&cc=1&si=https%3A//www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security%2C40379.html&rp=&ts=compact&rnd=1568339468098&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
Adblocked OneSignalPageSDKES6.js?v=150706
cdn.onesignal.com/sdks
214 KB
52 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3009
etag
W/"f4ebb281698a883231242a4d72c8502e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
5156796bbc138c86-VIE
expires
Mon, 16 Sep 2019 01:51:08 GMT
Adblocked 4794210819.js?v=6.0.0-412
cdn.optimizely.com/js
105 KB
39 KB
Script
General
Full URL
https://cdn.optimizely.com/js/4794210819.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:196::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd7effee6b55c00ccd8e55aad7c7b70044464e07ec245e0407bf382137787582
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
naNKCi80uBys13SK29CDVEsktLhgWAZc
content-encoding
gzip
etag
"f41a1262bbdfc1ce104bb6a11f074b3e"
x-amz-request-id
8C5014F77D543B02
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:196::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
39105
x-amz-id-2
LaXzA8pamUFpQDmpJ8h8p32dhvZMSQ5o+j70CsZ9JEtL3j6tH6A19GyP/6sGhprseF211BaR9bc=
last-modified
Wed, 09 May 2018 00:58:50 GMT
server
AmazonS3
date
Fri, 13 Sep 2019 01:51:08 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
518
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
cmp.js
quantcast.mgr.consensu.org
177 KB
44 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: ads.servebom.com
URL: https://ads.servebom.com/tmnhead.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c26fd569cbff7c7b33fe25517c92338cf7fee0beacb4fb93a55885eb506f01d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:41:14 GMT
content-encoding
gzip
last-modified
Wed, 28 Aug 2019 16:50:55 GMT
server
AmazonS3
age
1774
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
VSaHhGL0A1WakQBi102RuEFowX0nvsid9Sm2hxMxK0d3w4KJ_vejnw==
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js
40 KB
12 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.servebom.com
URL: https://ads.servebom.com/tmnhead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"277 / 198 of 1000 / last-modified: 1568323734"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
12668
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:08 GMT
Adblocked linkid.js
www.google-analytics.com/plugins/ua
2 KB
1000 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
843
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
856
x-xss-protection
0
expires
Fri, 13 Sep 2019 02:37:05 GMT
Adblocked collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%...
www.google-analytics.com/r
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAj~&jid=390481869&gjid=919848684&cid=2008756636.1568339468&tid=UA-87763359-6&_gid=711847519.1568339468&_r=1&z=674905907
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%...
www.google-analytics.com
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAj~&jid=1889132193&gjid=2105027957&cid=2008756636.1568339468&tid=UA-3642902-1&_gid=711847519.1568339468&gtm=2wg941BPDQ&z=1193356833
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Adblocked collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3642902-1&cid=2008756636.1568339468&jid=1889132193&gjid=2105027957&_gid=711847519.1568339468&_u=YGDAgEAj~&z=515434278
stats.g.doubleclick.net/r
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3642902-1&cid=2008756636.1568339468&jid=1889132193&gjid=2105027957&_gid=711847519.1568339468&_u=YGDAgEAj~&z=515434278
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Sep 2019 01:51:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%...
www.google-analytics.com/r
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAAEAj~&jid=614985359&gjid=1278772716&cid=2008756636.1568339468&tid=UA-3642902-30&_gid=711847519.1568339468&_r=1&gtm=2wg941BPDQ&z=1092070685
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 01:51:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%...
www.google-analytics.com
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1471192596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomshardware.com%2Fnews%2Fmicrosoft-phishing-campaign-captcha-scanners-security%2C40379.html&ul=en-us&de=UTF-8&dt=Hackers%20Use%20CAPTCHA%20to%20Launch%20Phishing%20Campaign&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAj~&jid=1357939824&gjid=1053814340&cid=2008756636.1568339468&tid=UA-3642902-8&_gid=711847519.1568339468&gtm=2wg941BPDQ&z=341268714
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 04:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1805825
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Adblocked collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3642902-8&cid=2008756636.1568339468&jid=1357939824&gjid=1053814340&_gid=711847519.1568339468&_u=YGDAgEAj~&z=1922528056
stats.g.doubleclick.net/r
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-3642902-8&cid=2008756636.1568339468&jid=1357939824&gjid=1053814340&_gid=711847519.1568339468&_u=YGDAgEAj~&z=1922528056
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Sep 2019 01:51:08 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Templating.js?v=6.0.0-412
/js/Purch/Utils
621 B
532 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/Templating.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4bc2fd808fd0b182a5fc595baa84b9cb1407b82265f2d8d38ae84fd1c3d9989a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-26d"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
383
en-GB.json
widgets.future-fie.co.uk/json
19 KB
7 KB
Fetch
General
Full URL
https://widgets.future-fie.co.uk/json/en-GB.json
Requested by
Host: widgets.future-fie-assets.co.uk
URL: https://widgets.future-fie-assets.co.uk/js/w/tomshardware.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
185.113.25.53 , United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
vif10.web.future.net.uk
Software
/
Resource Hash
16cbe3c07a7de9d209f1605b1655bbfc5f49cd75c2cde656c5e827f81964db43

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 01:48:26 GMT
Content-Encoding
gzip
X-Hawk-Country
Xkey
asset-type-fie-widgets
Age
161
X-Hawk-Area
NL
X-FTR-DC
IX
X-FTR-Realm
pip
X-FTR-Backend
fie-assets
X-FTR-Cache-Status
HIT
Content-Length
6149
X-FTR-Expires
Fri, 13 Sep 2019 02:08:26 GMT
X-FTR-Balancer
hawkproxyprodblue
X-FTR-Request-ID
00000000:2496_00000000:01BB_5D7AF60C_4ADC9A:0420
Last-Modified
Thu, 12 Sep 2019 15:39:22 GMT
X-Country-Code-Real
NL
ETag
"5d7a66aa-4c09"
Vary
Accept-Encoding
Content-Type
application/json
X-FTR-Backend-Server
fievarnishprodred
Cache-Control
max-age=300,public
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Expires
Fri, 13 Sep 2019 01:56:08 GMT
Adblocked emailModal.js?t=1568339468185
assets.purch.com/creative-templates/2.0.1-15
19 KB
7 KB
Script
General
Full URL
https://assets.purch.com/creative-templates/2.0.1-15/emailModal.js?t=1568339468185
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f45147a3a0824caa7bdbb3d05965136fd6951882e9ea46a70e99e5683b2b1f6c
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
7C547B7A1E99637C
status
200
content-length
6452
x-amz-id-2
PzPWAQspBbcV8sQpWQSrcsyFKyZQ/tqn6jO8O3d2taZ4y6mPGyKfR0XnaHfFLslVYWZZpkNgr3M=
last-modified
Tue, 16 Oct 2018 18:49:48 GMT
server
AmazonS3
etag
"8560cab6701238f99f729f5a2535a098"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 02:06:08 GMT
Adblocked 638852559596202?v=2.9.4&r=stable
connect.facebook.net/signals/config
307 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/638852559596202?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6ee8af51d889c4224423b02e1ae948888c2e7091f771d3f91a9040141ef18779
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79754
x-xss-protection
0
pragma
public
x-fb-debug
nVMlIZrcd3qTszd2anVF0wua3ruHro/w9lj4DWsy9nUQXJu1YzmS+VDfkNEE0IHOyqr38mV3E/IMXQts6cE6OQ==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Fri, 13 Sep 2019 01:51:08 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked web?callback=__jp0
onesignal.com/api/v1/sync/0b183a06-ffb5-4d9f-a367-e2350046b824
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/0b183a06-ffb5-4d9f-a367-e2350046b824/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.7
Resource Hash
631c26b84a24e3c0bb9b1886bf9a5f6be607c6b98c44bd301f30ed3f753f71be
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1426
x-powered-by
Phusion Passenger 5.3.7
status
200, 200 OK
x-xss-protection
1; mode=block
x-request-id
d60a4a0f-f0c0-4f75-991e-f1ca6935207f
x-runtime
0.042765
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=2862
cf-ray
5156796c6c408c86-VIE
access-control-allow-headers
SDK-Version
expires
Fri, 13 Sep 2019 01:56:08 GMT
Refresher.js?v=6.0.0-412
/js/Purch/Utils
2 KB
841 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/Refresher.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
35a5d05ee61823d9c34f1ba4a27551b48cde871108ac3836633420f77524e491

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-6b6"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
692
Ramp.js?v=6.0.0-412
/js/Purch/Utils
3 KB
1 KB
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/Ramp.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dddb68e62a4aa1aab7e92f729fd320b051494e49ca154fb9a3e2fbde62b3ae96

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-bb6"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
1254
Verified jquery.form.js?v=6.0.0-412
/js/vendor/jquery-form
43 KB
14 KB
Script
General
Full URL
https://www.tomshardware.com/js/vendor/jquery-form/jquery.form.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
23fc25133ed072cdf7dae575213067b1da3c6843b2a0e489c8b7fc984c60ce6b
Verified resource
jquery.form/3.50/jquery.form.js at cdnjs.com, project jquery.form

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:43 GMT
server
nginx
etag
W/"5d138eb3-ab23"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
14493
parsley.js?v=6.0.0-412
/js/vendor/parsleyjs
53 KB
15 KB
Script
General
Full URL
https://www.tomshardware.com/js/vendor/parsleyjs/parsley.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d9f8e8b6aa67b032486a09048c53d52aad703493ff6d51042397815486920f0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:47 GMT
server
nginx
etag
W/"5d138eb7-d267"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
14939
FlashMessage.js?v=6.0.0-412
/js/Purch/UI
711 B
546 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/UI/FlashMessage.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1282da0b841df7e0c4af02c94a76f0bc5ecf17cb3784ad88e06f2a448c782531

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:55 GMT
server
nginx
etag
W/"5d138ebf-2c7"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
397
FormUtils.js?v=6.0.0-412
/js/Purch/Data
2 KB
960 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Data/FormUtils.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
206f9419d69ce8979a6524ab50a9645a45f3016158ed8414a996ff45f5da805b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:57 GMT
server
nginx
etag
W/"5d138ec1-62e"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
812
WebStorage.js?v=6.0.0-412
/js/Purch/Utils
1 KB
724 B
Script
General
Full URL
https://www.tomshardware.com/js/Purch/Utils/WebStorage.js?v=6.0.0-412
Requested by
Host: www.tomshardware.com
URL: https://www.tomshardware.com/js/Purch/require.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c34bd8633143a8b6a54b1cea34c82419540158471decbc97928cb2e7fc7a4fa9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 15:26:56 GMT
server
nginx
etag
W/"5d138ec0-4b8"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-length
575
Adblocked clickstream.js?2.4.0-28
assets.purch.com/loe/latest
7 KB
3 KB
Script
General
Full URL
https://assets.purch.com/loe/latest/clickstream.js?2.4.0-28
Requested by
Host: assets.purch.com
URL: https://assets.purch.com/loe/latest/REVISION.js?t=1568339467713
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.219.119 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-219-119.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
176b9a1d199712ee7e61c666f8c68d28a8c8d4c29f11d2880132fba21fa4d8c2
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
br
vary
Accept-Encoding
x-amz-request-id
EDCFED8F4D35D82F
status
200
content-length
2372
x-amz-id-2
pK/11csRxo40DQtFa9rf0pB3ayJudrni0PWBqBzPyxnaOhThThuhz4ROloqT4arXreAPi0azChA=
last-modified
Sat, 31 Aug 2019 02:07:26 GMT
server
Akamai Resource Optimizer
etag
"e3e2bd997a4309df6559cbab1a140368"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=48867
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 13 Sep 2019 15:25:35 GMT
Adblocked integrator.js?domain=www.tomshardware.com
adservice.google.de/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tomshardware.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
Adblocked integrator.js?domain=www.tomshardware.com
adservice.google.com/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tomshardware.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
Adblocked pubads_impl_2019082901.js
securepubads.g.doubleclick.net/gpt
158 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomshardware.com/news/microsoft-phishing-campaign-captcha-scanners-security,40379.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 13:06:32 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
59716
x-xss-protection
0
expires
Fri, 13 Sep 2019 01:51:08 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v25
0
0
Document