www.tomsguide.com Open in urlscan Pro
199.232.194.114 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Submission Tags: falconsandbox
Submission: On July 11 via api (July 11th 2022, 2:06:38 am UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 25 domains to perform 68 HTTP transactions. The main IP is 199.232.194.114, located in United States and belongs to FASTLY, US. The main domain is www.tomsguide.com. The Cisco Umbrella rank of the primary domain is 44573.
TLS certificate: Issued by R3 on May 13th 2022. Valid for: 3 months.

This is the only time www.tomsguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.232.194.114 199.232.194.114	54113 (FASTLY) (FASTLY)
8	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
2	2600:9000:20e... 2600:9000:20eb:9800:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
12	8.253.204.116 8.253.204.116	3356 (LEVEL3) (LEVEL3)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
5	2600:9000:224... 2600:9000:2240:f000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	13.225.78.20 13.225.78.20	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.64.87.36 18.64.87.36	16509 (AMAZON-02) (AMAZON-02)
1	185.113.25.51 185.113.25.51	20596 (FUTURE) (FUTURE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	34.248.31.134 34.248.31.134	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b150:1cf:88dc:54d8:eec2	14618 (AMAZON-AES) (AMAZON-AES)
1	107.21.19.116 107.21.19.116	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223c:d000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:7400:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:8800:d:5ce3:a4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.192.243.114 18.192.243.114	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3 6	54.156.247.58 54.156.247.58	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:ef:... 2a02:26f0:ef::5f65:4db1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 4	52.59.173.142 52.59.173.142	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:444... 2600:1f18:444a:4680:94f0:86a5:229d:eb8a	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.154.32.144 54.154.32.144	16509 (AMAZON-02) (AMAZON-02)
1 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 3	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
68	31

1 199.232.194.114 (United States)

ASN54113 (FASTLY, US)

www.tomsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

hawk.tomsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:9800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 8.253.204.116 (United States)

ASN3356 (LEVEL3, US)

vanilla.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mos.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

freyr.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
champagne.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.servebom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2240:f000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-20.fra2.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.87.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-87-36.txl50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.113.25.51 (Sutton, United Kingdom)

ASN20596 (FUTURE, GB)

search-api.fie.future.net.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.31.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-31-134.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:1cf:88dc:54d8:eec2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.19.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-116.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:8800:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.243.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-243-114.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.156.247.58 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-247-58.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5f65:4db1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

sli.tomsguide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.173.142 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-173-142.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:444a:4680:94f0:86a5:229d:eb8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.32.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-32-144.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	futurecdn.net vanilla.futurecdn.net — Cisco Umbrella Rank: 15433 freyr.futurecdn.net — Cisco Umbrella Rank: 14627 bordeaux.futurecdn.net — Cisco Umbrella Rank: 16437 champagne.futurecdn.net — Cisco Umbrella Rank: 16434 mos.fie.futurecdn.net — Cisco Umbrella Rank: 23215	318 KB
12	liadm.com 4 redirects b-code.liadm.com — Cisco Umbrella Rank: 3723 rp.liadm.com — Cisco Umbrella Rank: 2606 rp4.liadm.com — Cisco Umbrella Rank: 10858 i.liadm.com — Cisco Umbrella Rank: 543 i6.liadm.com — Cisco Umbrella Rank: 1491	22 KB
10	tomsguide.com www.tomsguide.com — Cisco Umbrella Rank: 44573 hawk.tomsguide.com — Cisco Umbrella Rank: 54915 sli.tomsguide.com — Cisco Umbrella Rank: 68684	245 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5736 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9900	180 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	2 KB
3	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 4332 rm-script.dotmetrics.net — Cisco Umbrella Rank: 5195	5 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1141	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2695 p1.parsely.com — Cisco Umbrella Rank: 2041	18 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3211	71 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 534	291 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 672	376 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	676 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 991	1 KB
1	google.de ampcid.google.de — Cisco Umbrella Rank: 48123	462 B
1	futurehybrid.tech sommelier.futurehybrid.tech — Cisco Umbrella Rank: 16897	602 B
1	servebom.com ads.servebom.com — Cisco Umbrella Rank: 13504	357 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 1722	533 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1029	10 KB
1	future.net.uk search-api.fie.future.net.uk — Cisco Umbrella Rank: 17182	2 KB
1	permutive.app 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 15217	264 KB
68	25

	Domain	Requested by
11	vanilla.futurecdn.net	www.tomsguide.com vanilla.futurecdn.net
8	hawk.tomsguide.com	www.tomsguide.com hawk.tomsguide.com
6	i.liadm.com	3 redirects b-code.liadm.com i.liadm.com
5	www.google-analytics.com	www.tomsguide.com www.google-analytics.com
5	quantcast.mgr.consensu.org	www.tomsguide.com quantcast.mgr.consensu.org
4	x.bidswitch.net	4 redirects
3	sb.scorecardresearch.com	1 redirects
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	i6.liadm.com	i.liadm.com
2	cm.g.doubleclick.net	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	cdn.onesignal.com	www.tomsguide.com cdn.onesignal.com
2	uk-script.dotmetrics.net	www.tomsguide.com
2	b-code.liadm.com	www.tomsguide.com b-code.liadm.com
1	mos.fie.futurecdn.net
1	b1sync.zemanta.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	sli.tomsguide.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rm-script.dotmetrics.net	www.tomsguide.com
1	p1.parsely.com	www.tomsguide.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rules.quantcount.com	secure.quantserve.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	ampcid.google.de	www.google-analytics.com
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	ads.servebom.com	bordeaux.futurecdn.net
1	ampcid.google.com	www.google-analytics.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	search-api.fie.future.net.uk	www.tomsguide.com
1	cdn.parsely.com	www.tomsguide.com
1	champagne.futurecdn.net	www.tomsguide.com
1	bordeaux.futurecdn.net	www.tomsguide.com
1	freyr.futurecdn.net	www.tomsguide.com
1	6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	www.tomsguide.com
1	www.tomsguide.com
68	40

This site contains links to these domains. Also see Links.

Domain
www.futureplc.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.pinterest.com
flipboard.com
www.awin1.com
forums.tomsguide.com

Subject Issuer	Validity	Valid
www.tomsguide.com R3	`2022-05-13` - `2022-08-11`	3 months	crt.sh
hawk.techradar.com R3	`2022-06-25` - `2022-09-23`	3 months	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
*.futurecdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-06` - `2023-07-06`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
freyr.futurecdn.net R3	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.cmp.quantcast.com R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
bordeaux.futurecdn.net R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
champagne.futurecdn.net R3	`2022-06-02` - `2022-08-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
search-api.fie.future.net.uk R3	`2022-06-23` - `2022-09-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ads.servebom.com R3	`2022-05-12` - `2022-08-10`	3 months	crt.sh
sommelier.futurehybrid.tech R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sli.space.com R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Frame ID: 1278D9B11392D7D68D028AD6C1DB607A
Requests: 60 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-06t7?s=&cim=&ps=true&ls=true&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 0D3C72BE0BD7F7AC0EA9ACAED34B0AF3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404Tom's Guide

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

68
Requests

88 %
HTTPS

44 %
IPv6

25
Domains

40
Subdomains

31
IPs

5
Countries

1160 kB
Transfer

5030 kB
Size

32
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.futureplc.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Tomsguide/
Title: (opens in new tab)

Search URL Search Domain Scan URL

URL: https://twitter.com/tomsguide
Title: (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tomsguide/?hl=en
Title: (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCik8xvfR6s8GQ74QNEGNzwg
Title: (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/tomsguidepurch/
Title: (opens in new tab)

Search URL Search Domain Scan URL

URL: https://flipboard.com/@TomsGuide
Title: (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.awin1.com/awclick.php?awinmid=2961&awinaffid=103504&clickref=tomsguide-de-2946539780204565500&p=https%3A%2F%2Fwww.magazinesdirect.com%2Fcategories%2Ftech%2F
Title: Technology Magazines

Search URL Search Domain Scan URL

URL: https://forums.tomsguide.com/
Title: Forums (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/
Title: Visit our corporate site (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/
Title: Terms and conditions (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy/
Title: Cookies policy (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement/
Title: Accessibility Statement (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/advertising/
Title: Advertise (opens in new tab)

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/careers/
Title: Careers (opens in new tab)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://rp.liadm.com/j?dtstmp=1657505193752&aid=a-06t7&se=e30&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&tna=v2.4.0&pu=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&wpn=lc-bundle&c=PHRpdGxlPjQwNDwvdGl0bGU-PHRpdGxlPlRvbSdzIEd1aWRlPC90aXRsZT48aDE-U29ycnkhIFBhZ2Ugbm90IGZvdW5kLjwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1657505193752&aid=a-06t7&se=e30&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&tna=v2.4.0&pu=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&wpn=lc-bundle&c=PHRpdGxlPjQwNDwvdGl0bGU-PHRpdGxlPlRvbSdzIEd1aWRlPC90aXRsZT48aDE-U29ycnkhIFBhZ2Ugbm90IGZvdW5kLjwvaDE-&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6Ojg%3D&n3pc=true

Request Chain 52

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06t7%2F0%2Fc6469120ee0c429db2864faecaf5f924%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&3a73bb2b-139f-4b08-a757-f93f20b166a1 HTTP 302
https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=7156&muid=420562cb-85ab-4000-afc0-9909ea8ee136

Request Chain 54

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=3a73bb2b-139f-4b08-a757-f93f20b166a1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=419a6abf-6511-4243-af8e-d29fdc179b5a&google_hm=NDE5YTZhYmYtNjUxMS00MjQzLWFmOGUtZDI5ZmRjMTc5YjVh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=liveintent&bsw_param=419a6abf-6511-4243-af8e-d29fdc179b5a&google_hm=NDE5YTZhYmYtNjUxMS00MjQzLWFmOGUtZDI5ZmRjMTc5YjVh&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJjFFldFu-Awj3eGhm1JHIA&google_cver=1&ssp=liveintent&bsw_param=419a6abf-6511-4243-af8e-d29fdc179b5a HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a HTTP 303
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a

Request Chain 55

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06t7%2F0%2Fc6469120ee0c429db2864faecaf5f924%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06t7%2F0%2Fc6469120ee0c429db2864faecaf5f924%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=82775&muid=19243429336510830360381124562509555723

Request Chain 56

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=3a73bb2b-139f-4b08-a757-f93f20b166a1 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=3a73bb2b-139f-4b08-a757-f93f20b166a1&rd=Y

Request Chain 58

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Request Chain 65

https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request do-not-open-windows-10-update-sent-via-email-its-ransomware Show response
www.tomsguide.com/news/ 155 KB
47 KB 61ms
22ms Document
text/html 199.232.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e05f63bc7d192f836e2660648e2cc57e38204a55dfb600bddd58f01cd7111313

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 67577
cache-control: max-age=30,public
content-encoding: gzip
content-length: 46791
content-type: text/html; charset=utf-8
date: Mon, 11 Jul 2022 02:06:33 GMT
last-modified: Sun, 10 Jul 2022 01:20:37 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-age: 0
x-cache: MISS-CLUSTER
x-cache-control: max-age=30,public
x-cache-hits: 1, 0
x-country-code: US
x-country-code-real: DE
x-ftr-backend: varnish-panther
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk fte-varnish-prod-panther-2
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-buildid: 3_10/Jul/2022:01:20:37.237_/news/do-not-open-windows-10-update-sent-via-email-its-ransomware_:V1:H1:R:V3:H3:O
x-ftr-cache-status: HIT
x-ftr-request-id: 7005da5c-4c0c-42a9-99f3-ac3654c3e04d 00000000000000000000FFFFA752A516:82D8_00000000000000000000FFFFB9711938:01BB_62CA7D5D_ACC923F:1F167D
x-ftr-trace: V2:H2:R:V3:
x-ftr-ttl: 0
x-resp-is-stale: true
x-served-by: cache-lon11651-LON, cache-fra19149-FRA
x-timer: S1657505193.432050,VS0,VE15
xkey: tomsguide-version-500534 tomsguide-server-phpfpm-58d8db7fd-frblq

GET
H2 200 promotion.min.css
hawk.tomsguide.com/css/browser/16.26.7-57c9781e51685a1b0e611d8c457af11a8238ad31/ 125 KB
11 KB 41ms
7ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/16.26.7-57c9781e51685a1b0e611d8c457af11a8238ad31/promotion.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c2ae0dc857a0f6582fda4c1c099c9a8d55290474211f151981435e62b78a30c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 382106
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 10813
x-ftr-expires: Wed, 13 Jul 2022 15:58:06 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:11D6_00000000:01BB_62C5B13E_294A8C3:2957
last-modified: Wed, 06 Jul 2022 15:55:43 GMT
x-timer: S1657505193.492852,VS0,VE0
etag: W/"62c5b07f-1f25e"
x-served-by: cache-lon11643-LON, cache-fra19153-FRA
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=604800, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 15

GET
H2 200 tg.min.css
hawk.tomsguide.com/css/browser/ 5 KB
2 KB 41ms
8ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/tg.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecedba532a12df44f5a0e0546873855d5223a48c11591930a9784532efdb2d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 633
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1877
x-ftr-expires: Mon, 11 Jul 2022 01:15:30 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-cache: HIT, HIT
x-ftr-request-id: 00000000:ED24_00000000:01BB_62CB7510_66A9F7D:401D
last-modified: Wed, 06 Jul 2022 15:55:43 GMT
x-timer: S1657505193.492841,VS0,VE1
etag: "62c5b07f-1534"
x-served-by: cache-lon11651-LON, cache-fra19153-FRA
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 responsive.js Show response
hawk.tomsguide.com/js/w/es6/ 411 KB
134 KB 23ms
9ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/responsive.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1af8a10c6198cf2d75bef019db6823e5357d7c658f62996390f85d73a80618d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 634
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 136152
x-ftr-expires: Mon, 11 Jul 2022 00:15:50 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:094A_00000000:01BB_62CB6704_4A1BBC9:295C
last-modified: Wed, 06 Jul 2022 15:55:43 GMT
x-timer: S1657505193.494806,VS0,VE1
etag: "62c5b07f-66d00"
x-served-by: cache-lon4278-LON, cache-fra19170-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 a-06t7.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 53ms
8ms Script
application/javascript 2600:9000:20eb:9800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-06t7.min.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5220d9201f54033f975ceefc9405f7aad17201caf309a89ff772ce9b7919f3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 05:14:27 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
age: 75126
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
x-amz-cf-id: -wmGR1IYs4LzC0KaPeGpOiSjHcIpiG-RFLX4DEifs2_e6NkZSsptUQ==

GET
H/1.1 200
OK OpenSans.woff2
vanilla.futurecdn.net/tomsguide/500534/media/fonts/ 10 KB
11 KB 397ms
8ms Font
font/woff2 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/500534/media/fonts/OpenSans.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

12b9d92963b594157b22adeebfbcf463b80c5d504f0fefe3bee1533e20a996c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 16:19:43 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 208010
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10191
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:7EFF_00000000:0050_62C8591E_AC01A5:1AEE
referrer-policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/woff2
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Sun, 07 Aug 2022 16:20:46 GMT

GET
H/1.1 200
OK OpenSans-Semibold.woff2
vanilla.futurecdn.net/tomsguide/500534/media/fonts/ 10 KB
11 KB 397ms
9ms Font
font/woff2 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/500534/media/fonts/OpenSans-Semibold.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 16:19:43 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 208010
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10363
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:BEC4_00000000:0050_62C8591F_BE2DA6:7279
Referrer-Policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/woff2
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Sun, 07 Aug 2022 16:20:46 GMT

GET
H/1.1 200
OK OpenSans-Bold.woff2
vanilla.futurecdn.net/tomsguide/500534/media/fonts/ 10 KB
11 KB 396ms
7ms Font
font/woff2 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/500534/media/fonts/OpenSans-Bold.woff2

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 16:19:43 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 208010
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10258
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:C176_00000000:0050_62C8591F_5C022D:1AED
Referrer-Policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/woff2
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
access-control-allow-origin: *
X-Content-Type-Options: nosniff
Expires: Sun, 07 Aug 2022 16:20:46 GMT

GET
H/1.1 200
OK tomsguide.woff
vanilla.futurecdn.net/tomsguide/500534/media/fonts/ 7 KB
8 KB 398ms
10ms Font
font/woff 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/500534/media/fonts/tomsguide.woff

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

db19a20a4f38fc3a68afe595388f29b42587ce4e74bd4cb1d3a9f65972c28ea6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 16:19:43 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 208010
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 7042
x-xss-protection: 1; mode=block
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:CD99_00000000:0050_62C8591E_AC019A:1AEE
Referrer-Policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/woff
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-content-type-options: nosniff
Expires: Sun, 07 Aug 2022 16:20:46 GMT

GET
H/1.1 200
OK tomsguide.min.css
vanilla.futurecdn.net/tomsguide/500534/media/css/ 359 KB
49 KB 397ms
9ms Stylesheet
text/css 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/500534/media/css/tomsguide.min.css

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

ecce228745126f5c213f56d5fb8d97a43079f53e2fc83a4cded0075da5fade56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 16:19:43 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 208010
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 49322
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:6B33_00000000:0050_62C8591B_5685C7:7277
referrer-policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css; charset=UTF-8
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Sun, 07 Aug 2022 16:20:46 GMT

GET
H/1.1 200
OK main.c2f4d96b06e3291c4de5.bundle.js Show response
vanilla.futurecdn.net/tomsguide/500534/media/shared/js/ 347 KB
92 KB 399ms
10ms Script
application/javascript 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/500534/media/shared/js/main.c2f4d96b06e3291c4de5.bundle.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

aa94851a973545354a9cf83b885d3cfe25981fe90a6c90d3ad1023a3bd2c889a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 16:19:43 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 208010
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 93323
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:8087_00000000:0050_62C8591D_5685D5:7277
referrer-policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Sun, 07 Aug 2022 16:20:59 GMT

GET
H/1.1 200
OK missing-image.svg
vanilla.futurecdn.net/tomsguide/media/img/ 15 KB
5 KB 14ms
9ms Image
image/svg+xml 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanilla.futurecdn.net/tomsguide/media/img/missing-image.svg

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

5a292d2f224a634f7f47110eaeebd9b006c25a24bdde2099bd6475ce7f565579

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 15:46:55 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 2110778
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3936
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:9D2D_00000000:0050_62AB506B_7AFD9:2352
referrer-policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Tue, 09 Aug 2022 09:14:27 GMT

GET
H2 200 6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js Show response
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 961 KB
264 KB 60ms
30ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f99df25793cd6d506f39faad8be261bef18fc93dd54eadc33f017fbc59203a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 6093eccf-6734-4877-ac8b-83d6d0e27b46
age: 631
x-guploader-uploadid: ADPycdt5cx33NZHVePiGuUj3CsvSz1O1qKfpVcq-21HHO-6dI80gVP9RJwpdFNLYeAgohX4lamz3ZVJaqmVJlvQpcYOCAg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Sat, 09 Jul 2022 17:54:40 GMT
server: cloudflare
etag: W/"2b044ec21a456638b4d8867d07ce3ee6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=BifkaA==, md5=KwROwhpFZji02IZ9B84+5g==
x-goog-generation: 1657389280342884
cache-control: public, max-age=900
x-goog-stored-content-length: 277964
cf-ray: 728dfb037b8e9c0d-FRA
expires: Mon, 11 Jul 2022 02:21:33 GMT

GET
H2 200 freyr.js Show response
freyr.futurecdn.net/ 69 KB
17 KB 45ms
11ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://freyr.futurecdn.net/freyr.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

b962298dc9295283d343e926a4fb9c92df1867ad6e9c9420326c74289da97b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 14:46:46 GMT
server: nginx/1.19.0
etag: W/"62b47cd6-11567"
strict-transport-security: max-age=15724800; includeSubDomains
freyr-version: 4.0.1
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=518
accept-ranges: bytes
content-length: 17572
x-hw: 1657505193.cds164.fr8.hn,1657505193.cds041.fr8.c

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.tomsguide.com/ 6 KB
2 KB 49ms
15ms Script
application/javascript 2600:9000:2240:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.tomsguide.com/choice.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d842cf9d834cfd4d63771d7d5bc1344c634fbcb5958b4e4b71f6963ac64773f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 08:41:16 GMT
server: AmazonS3
age: 8
etag: W/"dcf8d29089c09f7f63fc3c24ac43a1ab"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Cgxlx_BncP0cDBaip1MhFDulE8Q1MkA8y3W_pjnLLcr5RUx0ERoicQ==

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 269 KB
75 KB 44ms
11ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

2d57f2798d971f5368ceab357b317ff1794ffa5111302afecc6ef9af1f01e536

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 11:40:47 GMT
server: nginx/1.19.0
etag: W/"62c574bf-432a7"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1657505193.cds155.fr8.hn,1657505193.cds215.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
bordeaux-version: 4.26.2
content-length: 76838

GET
H2 200 champagne.js Show response
champagne.futurecdn.net/ 44 KB
15 KB 56ms
11ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://champagne.futurecdn.net/champagne.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

38443a71154cc85ec50ba67abc25af25c574c7d84825b22293ceb155eb14c1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
Origin: https://www.tomsguide.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:56:41 GMT
server: nginx/1.19.0
champagne-version: 1.2.11
etag: W/"624d9c19-ae82"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1657505193.cds122.fr8.hn,1657505193.cds131.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 14986

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4225
date: Mon, 11 Jul 2022 00:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 11 Jul 2022 02:56:08 GMT

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 8 KB
3 KB 96ms
34ms Script
application/javascript 13.225.78.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?d=www.tomsguide.com&t=tg
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-20.fra2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 945b9cbb4b1dfdabe7d762a4b33144ea8187e09fbef5ef5c1ad7e483c501100c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA2-C2
etag: ".www.tomsguide.com.tg.208.2022071102"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: zd3sOSuLJFylKYEtosotR9QD7h4l8Tt1jKzGuuXa5qyOrm3AznhrgA==

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 39ms
21ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 728dfb036dfb92a2-FRA
date: Mon, 11 Jul 2022 02:06:33 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1657
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Jul 2022 02:06:33 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/tomsguide.com/ 47 KB
18 KB 99ms
22ms Script
application/javascript 18.64.87.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/tomsguide.com/p.js
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.87.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-87-36.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 2e3b72b73c3515d726bf930bf8911fc70746f4cd1763b0b432fee146c5e202ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Sun, 10 Jul 2022 22:46:05 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 19:07:47 GMT
server: nginx
age: 12028
etag: W/"60467603-bd2e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 00d7096d979158a97e3d45ef36d6ae4a.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: TRnu8c-2lv78-LqUzi1VihOTrwSTJuDdLxNYCpZmzg1cXXcwUpCcUw==
expires: Mon, 11 Jul 2022 22:46:05 GMT

GET
H/1.1 200
OK no-image-available.svg
search-api.fie.future.net.uk/img/misc/ 4 KB
2 KB 152ms
23ms Image
image/svg+xml 185.113.25.51
FUTURE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://search-api.fie.future.net.uk/img/misc/no-image-available.svg
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 185.113.25.51 Sutton, United Kingdom, ASN20596 (FUTURE, GB),
Reverse DNS
Software: /
Resource Hash: 4ec3c004ee334755536b515e20d63b626396d89ec4b6f0d1e060e2e01108a158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 01:49:50 GMT
Content-Encoding: gzip
X-Hawk-Country
Xkey: asset-type-fie-widgets
Age: 1002
X-Hawk-Area: DE
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: fie-assets
X-FTR-Cache-Status: HIT
Content-Length: 1459
X-FTR-Expires: Mon, 11 Jul 2022 02:09:50 GMT
X-FTR-Balancer: hawk-proxy-185-113-25-40
X-FTR-Request-ID: 00000000:B572_00000000:01BB_62CB85A9_22784DF:4019
Surrogate-Key: asset-type-fie-widgets
Last-Modified: Wed, 06 Jul 2022 15:55:43 GMT
ETag: "62c5b07f-e3e"
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-FTR-Backend-Server: fievarnishprodred
Cache-Control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
Accept-Ranges: bytes
Access-Control-Allow-Origin: *

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 22ms
20ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 728dfb03ce3c92a2-FRA
date: Mon, 11 Jul 2022 02:06:33 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1656
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Jul 2022 02:06:33 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 43ms
8ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.tomsguide.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
etag: "Sy8yk7L2ihxjBP+YyKUKJg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 18 Jul 2022 02:06:33 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/40/ 177 KB
44 KB 15ms
14ms Script
text/javascript 2600:9000:2240:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2.js?referer=www.tomsguide.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.tomsguide.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c681185172b31540ba25420b054eb68c41fc623b7396cf7002b0b561abfd6660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: br
age: 28
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 13 May 2022 16:53:18 GMT
server: AmazonS3
etag: W/"7ceb23d8e799a5d2e886219d1bea7d5d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: w8ZtIa2YycL96LgcCMrXakeZAgvz_fJNc4cwDjrUAs60ss7xXf82mw==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 77ms
21ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tomsguide.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 hybrid_id Show response
ads.servebom.com/ 43 B
357 B 149ms
107ms Fetch
application/json 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/hybrid_id
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 3fd4241f120e0bf4d7d2c6ef66e0a29704e089eaf14484e2e434873714eb03a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.tomsguide.com
date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 69
x-hw: 1657505193.cds164.fr8.hn,1657505193.cds125.fr8.sc,1657505193.cds125.fr8.p
content-type: application/json

GET
H2 200 config Show response
sommelier.futurehybrid.tech/ 587 B
602 B 126ms
31ms Fetch
application/json 34.248.31.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config?r=365&tpl=error&l=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.248.31.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-31-134.eu-west-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

24085d68bea58b22f39cb290e7ebc0d993fcf51df6a3e20fd24f15beebcd958a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
462 B 116ms
56ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tomsguide.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK b1acbb9c-2bfb-464b-832d-308f4c5fbd46
https://www.tomsguide.com/ 675 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tomsguide.com/b1acbb9c-2bfb-464b-832d-308f4c5fbd46
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 924a2c1c303fe3ffb0db525fe1fb9fecc5fa6752c6694eab84e55673ef10f228

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 690826

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:9800:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-06t7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 29 Jun 2022 13:25:58 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
age: 996036
etag: "ae5e94de938b0387eda6df8f20da811a"
x-cache: Hit from cloudfront
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 5904
x-amz-cf-id: W-17X_HSzOMSxXpF_u5w6LOwY4fLPvqTU-RPGwudPs_HIvrZG6fLdw==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1657505193752&aid=a-06t7&se=e30&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&tna=v2.4.0&pu=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent...
https://rp4.liadm.com/j?dtstmp=1657505193752&aid=a-06t7&se=e30&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&tna=v2.4.0&pu=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sen...

46 B
584 B

353ms
95ms

XHR
application/json

107.21.19.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1657505193752&aid=a-06t7&se=e30&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&tna=v2.4.0&pu=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&wpn=lc-bundle&c=PHRpdGxlPjQwNDwvdGl0bGU-PHRpdGxlPlRvbSdzIEd1aWRlPC90aXRsZT48aDE-U29ycnkhIFBhZ2Ugbm90IGZvdW5kLjwvaDE-&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6Ojg%3D&n3pc=true

Protocol

Server

107.21.19.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-19-116.compute-1.amazonaws.com

Software

Resource Hash

9704b0745aaff2d2ecbfc16363a2fe99d52201209300e4c6d0a03a9708ecf80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:34 GMT
x-pixel-event-id: 14dc021f-e598-4540-821a-82a38c72c72f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 76e9b4ffaee6e5b9
request-time: 0
content-length: 46
x-content-type-options: nosniff

Redirect headers

date: Mon, 11 Jul 2022 02:06:34 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1657505193752&aid=a-06t7&se=e30&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&tna=v2.4.0&pu=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&wpn=lc-bundle&c=PHRpdGxlPjQwNDwvdGl0bGU-PHRpdGxlPlRvbSdzIEd1aWRlPC90aXRsZT48aDE-U29ycnkhIFBhZ2Ugbm90IGZvdW5kLjwvaDE-&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6Ojg%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.tomsguide.com
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 60584f6d4865e2c9
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H2 200 rules-p-uer8ZPXHG8WDU.js Show response
rules.quantcount.com/ 1 KB
1 KB 60ms
7ms Script
application/javascript 2600:9000:223c:d000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-uer8ZPXHG8WDU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd058e51526b3cec4f24d62da25e068dddd98f10809f5f46cde0013c006d8607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:20:33 GMT
content-encoding: gzip
age: 2762
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 15:45:03 GMT
server: AmazonS3
etag: W/"0c287fb1be55ca2e77fb3cd36cbe5ae8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: KdJZ3dAJr0zmJ00PArXEK4ctZ03l2hH3hmKpUajO55bwyGsqgbo2Ig==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 39ms
8ms XHR
application/json 2600:9000:21f3:7400:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2.js?referer=www.tomsguide.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd6e08d5b2f4112a6817f301788849cb7ce7ee3c9d90cfcdf3ae1df11fdfc9d4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 03:00:41 GMT
content-encoding: br
age: 83153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Sun, 03 Jul 2022 19:52:29 GMT
server: AmazonS3
etag: W/"8d4abac577a6a7cf4c78294c617614ed"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: CPJ0zd85OTR2hj4XUOdjuF6bC1Urt7td
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: VUOv4dmfMeKLRU7jhTLIiWnk-QHJ8653Ia3_RGyMc-0Nrn9MhavQPw==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 128ms
28ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1657505193801&plid=27903874&idsite=tomsguide.com&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&sref=&sts=1657505193798&slts=0&title=404&date=Mon+Jul+11+2022+02%3A06%3A33+GMT%2B0000+(GMT)&action=pageview&pvid=25144474&u=pid%3D0f94b041e747165828e50accf1f7014e
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 02:06:33 GMT
Cache-Control: no-cache
Last-Modified: Monday, 11-Jul-2022 02:06:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/40/ 228 KB
59 KB 8ms
7ms Script
text/javascript 2600:9000:2240:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2.js?referer=www.tomsguide.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 350786f64e0b10bb61083f97962b7d0e490ccb41eabad5189059e17d4b3a6b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 00:55:06 GMT
content-encoding: gzip
age: 90688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 13 May 2022 16:53:22 GMT
server: AmazonS3
etag: W/"a69e17fb2f729417757e5fbbee7ccc37"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Vjd7k1lIrR7o4LKsST4W0tWeqzUyhOI6EAusUxS6lkdUo-bddeP5UQ==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 303 KB
36 KB 29ms
6ms XHR
application/json 2600:9000:2240:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2.js?referer=www.tomsguide.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7f423b225e6202de06913ffd607a71ea622478d518301f145f078adf9051db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 03:00:36 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 83158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 10 Jul 2022 03:00:33 GMT
server: AmazonS3
etag: W/"b1b054257c462eeda4547160c26b0252"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: AzKrL_c0gbAFszUlUjTN5OKlJ2KttSR8SlxXFx_7d8Bq8-y0dFO1-g==

GET
H2 200 hit.gif
uk-script.dotmetrics.net/ 43 B
1 KB 81ms
80ms Image
image/gif 13.225.78.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uk-script.dotmetrics.net/hit.gif?id=5242&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&dom=www.tomsguide.com&r=1657505193836&pvs=1&pvid=eb401406-205b-42e6-b673-746e7f1f3451&c=false&tzOffset=0
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-20.fra2.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:33 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: ql8mnCLK0F61VOI3nsKKdeBVyISyjhgXGQvGc801ni0YASganCOYvQ==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 83ms
8ms Image
image/gif 2600:9000:21f3:8800:d:5ce3:a4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=5242&url=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&dom=www.tomsguide.com&r=1657505193836&pvs=1&pvid=eb401406-205b-42e6-b673-746e7f1f3451&c=false&tzOffset=0
Requested by: Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8800:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 13:21:12 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2022 10:59:12 GMT
server: AmazonS3
age: 55726
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 807
x-amz-cf-id: xIFmi27wTPzVJtGUwWa2y6W9OLFrnJeuCjq2wy2yRFBgD6DYIJQt7w==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 152 KB
36 KB 35ms
13ms XHR
application/json 2600:9000:2240:f000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2.js?referer=www.tomsguide.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:f000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d708f3d2560b73d6f4ea869b1470bb52ec8e0cbaca4fb164a766ab54891bb6a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 03:01:34 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 83099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 10 Jul 2022 03:01:32 GMT
server: AmazonS3
etag: W/"cfe967e182ff1f613f62204ff3730eaa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: bZA8PKmIxgJEjvdvV-iWBsbMwJ33TRRKfR7dWGCW-Djsjbdpo7GSMg==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 49ms
8ms XHR
text/plain 18.192.243.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22uer8ZPXHG8WDU%22%2C%22domain%22%3A%22www.tomsguide.com%22%2C%22publisher%22%3A%22Tom%27s%20Guide%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.40%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22mFQ2WSm0NQmhaCElpiwu2A%22%2C%22clientTimestamp%22%3A1657505193871%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-dehwvmai8kmms4isgmk%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.243.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-243-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Jul 2022 02:06:33 GMT
content-length: 2
content-type: text/plain; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72111741-10&cid=2121409878.1657505194&jid=1876557556&gjid=1193683744&_gid=591614542.1657505194&_u=aGBAgEABBAQCAE~&z=1561201387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Jul 2022 02:06:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=954206411&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABBAQC~&jid=1876557556&gjid=1193683744&cid=2121409878.1657505194&tid=UA-72111741-10&_gid=591614542.1657505194&cd57=null&cd51=false&cd58=&cd74=&cd13=false&cd10=US&cd31=9.6&cd30=4g&z=129188324

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jul 2022 13:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45131
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
14ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=954206411&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=future_id&ea=set%20hybrid_id&el=&_u=aGBAgEABBAQCAE~&jid=&gjid=&cid=2121409878.1657505194&tid=UA-72111741-10&_gid=591614542.1657505194&cd57=null&cd51=false&cd58=&cd74=&cd13=false&cd10=US&cd31=9.6&cd30=4g&cd77=C759460AC30D407781112DB4CBE7D620&z=525797539

Requested by

Host: www.tomsguide.com
URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jul 2022 13:34:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45131
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK xenforo-comments-readmore.cb973ab2105a7b8cf934.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 13ms
12ms Script
application/javascript 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/xenforo-comments-readmore.cb973ab2105a7b8cf934.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/500534/media/shared/js/main.c2f4d96b06e3291c4de5.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

ab07aa35915f4b920dd8e09a9786af753ed0c736a8b325a7bcf411111548f40e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 11:16:25 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 139809
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 976
x-xss-protection: 1; mode=block
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:7721_00000000:0050_62C96386_35A0B:441E
Referrer-Policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-content-type-options: nosniff
Expires: Mon, 08 Aug 2022 11:16:25 GMT

GET
H/1.1 200
OK suggestion-box.131cbd19515bf10a47ce.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 19 KB
4 KB 18ms
17ms Script
application/javascript 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/suggestion-box.131cbd19515bf10a47ce.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/500534/media/shared/js/main.c2f4d96b06e3291c4de5.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

d60d916ba199f3562c1113649c427e8546ec20f39447fc78ef99f68a47060263

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 25 Jun 2022 10:52:01 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 1350873
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2757
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:9047_00000000:0050_62B6E8D0_12ABF5:3684
referrer-policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Mon, 25 Jul 2022 10:52:02 GMT

GET
H/1.1 200
OK sticky-footer.1323eb2b000eaae1130f.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 15ms
14ms Script
application/javascript 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/sticky-footer.1323eb2b000eaae1130f.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/500534/media/shared/js/main.c2f4d96b06e3291c4de5.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

526adcba8efa179e2e1e2865fb5befe0f2f69b8d9b59368f04741b49245277d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 16:56:17 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 810617
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1084
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprodred
X-FTR-Request-ID: 00000000:6D72_00000000:0050_62BF2730_5771B:1AED
referrer-policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Mon, 08 Aug 2022 13:01:46 GMT

GET
H/1.1 200
OK nav-subscribe.a221d1d57dce57ec8fed.chunk.js Show response
vanilla.futurecdn.net/tomsguide/media/shared/js/ 2 KB
2 KB 59ms
39ms Script
application/javascript 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://vanilla.futurecdn.net/tomsguide/media/shared/js/nav-subscribe.a221d1d57dce57ec8fed.chunk.js

Requested by

Host: vanilla.futurecdn.net
URL: https://vanilla.futurecdn.net/tomsguide/500534/media/shared/js/main.c2f4d96b06e3291c4de5.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

8.253.204.116 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Footprint Distributor V6.1.1162 /

Resource Hash

6ff112c18368541d7ed900403252884e9f7388b704ae7343a1fd08a4f3384374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 25 Jun 2022 10:52:06 GMT
Content-Encoding: gzip
X-CS-Bucket: van-ass-prod
Age: 1350868
X-FTR-DC: IX
X-Smartersafe-Version
X-FTR-Realm: pip
X-FTR-Backend: van-prod
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 954
X-XSS-Protection: 1; mode=block
X-FTR-Balancer: webproxyprod01
X-FTR-Request-ID: 00000000:97DC_00000000:0050_62B6E8D2_10FB4C:727A
Referrer-Policy: no-referrer-when-downgrade
Server: Footprint Distributor V6.1.1162
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
X-FTR-Backend-Server: http.van-prod
Cache-Control: public, max-age=2592000
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self' http: https: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Mon, 25 Jul 2022 10:52:06 GMT

GET
H/1.1 200
OK a-06t7 Show response
i.liadm.com/s/c/ Frame 0D3C 1 KB
1 KB 449ms
113ms Document
text/html 54.156.247.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-06t7?s=&cim=&ps=true&ls=true&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.247.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-247-58.compute-1.amazonaws.com

Software

Resource Hash

d2177c3baaef8bb4a8bbb0a15eafd9c53d47be47566b204bf6b85613fa68a811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tomsguide.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 673
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Jul 2022 02:06:34 GMT
ETag: 1.61803398874
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H/1.1 200
OK baker
sli.tomsguide.com/ 19 B
366 B 98ms
18ms Image
image/gif 2a02:26f0:ef::5f65:4db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.tomsguide.com/baker?dtstmp=1657505194571
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5f65:4db1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jul 2022 02:06:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 11 Jul 2022 02:06:34 GMT
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

GET
H2 200 translations.php Show response
hawk.tomsguide.com/ 32 KB
11 KB 8ms
7ms Fetch
application/json 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/translations.php?language=en-DE

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db05f1ddc62767ef68877bf48413c23ef78ec1efc4ebdecb06bd6f74057cc353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:35 GMT
content-encoding: gzip
x-hawk-country
age: 213
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 10771
x-ftr-expires: Mon, 11 Jul 2022 02:23:01 GMT
x-ftr-balancer: hawkproxyprodblue
x-cache: HIT, HIT
x-ftr-request-id: 00000000:8632_00000000:01BB_62CB8514_277EBF8:58AE
x-timer: S1657505195.004761,VS0,VE1
x-served-by: cache-lon4239-LON, cache-fra19170-FRA
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 1, 1

GET
H2 200 tg.min.css
hawk.tomsguide.com/css/browser/ 5 KB
2 KB 9ms
7ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/css/browser/tg.min.css

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecedba532a12df44f5a0e0546873855d5223a48c11591930a9784532efdb2d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:35 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 635
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1877
x-ftr-expires: Mon, 11 Jul 2022 01:15:30 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-cache: HIT, HIT
x-ftr-request-id: 00000000:ED24_00000000:01BB_62CB7510_66A9F7D:401D
last-modified: Wed, 06 Jul 2022 15:55:43 GMT
x-timer: S1657505195.019790,VS0,VE0
etag: "62c5b07f-1534"
x-served-by: cache-lon11651-LON, cache-fra19153-FRA
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 setup-model.js Show response
hawk.tomsguide.com/js/w/es6/16.26.7-57c9781e51685a1b0e611d8c457af11a8238ad31/ 97 KB
27 KB 12ms
0ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/16.26.7-57c9781e51685a1b0e611d8c457af11a8238ad31/setup-model.js

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0457f9ac253ff3a01cbcba04798a6ccdea64b7a238a82ba20c851ef920afa497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:35 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 381882
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 27305
x-ftr-expires: Wed, 13 Jul 2022 16:01:52 GMT
x-ftr-balancer: hawkproxyprodblue
x-cache: HIT, HIT
x-ftr-request-id: 00000000:E564_00000000:01BB_62C5B455_1250E18:58AE
last-modified: Wed, 06 Jul 2022 15:55:43 GMT
x-timer: S1657505195.039445,VS0,VE0
etag: W/"62c5b07f-1835c"
x-served-by: cache-lon11650-LON, cache-fra19153-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=604800, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 15

GET
H/1.1

200
OK

c6469120ee0c429db2864faecaf5f924
i.liadm.com/s/e/a-06t7/0/ Frame 0D3C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06t7%2F0%2Fc6469120ee0c429db2864faecaf5f924%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&3a73bb2b-139f-4b08-a757-f93...
https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=7156&muid=420562cb-85ab-4000-afc0-9909ea8ee136

43 B
257 B

97ms
96ms

Image
image/gif

54.156.247.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=7156&muid=420562cb-85ab-4000-afc0-9909ea8ee136

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06t7?s=&cim=&ps=true&ls=true&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

54.156.247.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-247-58.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 02:06:34 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Mon, 11 Jul 2022 02:06:35 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=7156&muid=420562cb-85ab-4000-afc0-9909ea8ee136
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 11 Jul 2022 02:06:34 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0D3C 70 B
265 B 110ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06t7?s=&cim=&ps=true&ls=true&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 02:06:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

52164
i6.liadm.com/s/ Frame 0D3C
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a
https://x.bidswitch.net/sync?ssp=liveintent&user_id=3a73bb2b-139f-4b08-a757-f93f20b166a1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=419a6abf-6511-4243-af8e-d29fdc179b5a&google_hm=NDE5YTZhYmYtNjUxMS00MjQzLWFmOGUtZDI5ZmRjMTc5YjVh
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=liveintent&bsw_param=419a6abf-6511-4243-af8e-d29fdc179b5a&google_hm=NDE5YTZhYmYtNjUxMS00MjQzLWFmOGUtZDI5ZmRjMTc...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJjFFldFu-Awj3eGhm1JHIA&google_cver=1&ssp=liveintent&bsw_param=419a6abf-6511-4243-af8e-d29fdc179b5a
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a

43 B
419 B

313ms
101ms

Image
image/gif

2600:1f18:444a:4680:94f0:86a5:229d:eb8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:94f0:86a5:229d:eb8a Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 02:06:35 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=419a6abf-6511-4243-af8e-d29fdc179b5a
Date: Mon, 11 Jul 2022 02:06:35 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

c6469120ee0c429db2864faecaf5f924
i.liadm.com/s/e/a-06t7/0/ Frame 0D3C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06t7%2F0%2Fc6469120ee0c429db2864faecaf5f924%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=3a73bb2b-139f-4b08-a757-f93f20b166a1&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-06t7%2F0%2Fc6469120ee0c429db2864faecaf5f924%3Fmp...
https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=82775&muid=19243429336510830360381124562509555723

43 B
257 B

202ms
95ms

Image
image/gif

54.156.247.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=82775&muid=19243429336510830360381124562509555723

Requested by

Protocol

HTTP/1.1

Server

54.156.247.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-247-58.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 02:06:34 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v036-0f321963a.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: s1Pz3HhJQB8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-06t7/0/c6469120ee0c429db2864faecaf5f924?mpid=82775&muid=19243429336510830360381124562509555723
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 0D3C
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=3a73bb2b-139f-4b08-a757-f93f20b166a1
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=3a73bb2b-139f-4b08-a757-f93f20b166a1&rd=Y

43 B
603 B

154ms
154ms

Image
image/gif

104.89.42.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=3a73bb2b-139f-4b08-a757-f93f20b166a1&rd=Y

Requested by

Protocol

Server

104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-42-102.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 02:06:35 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 11 Jul 2022 02:06:35 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=3a73bb2b-139f-4b08-a757-f93f20b166a1&rd=Y
pragma: no-cache
date: Mon, 11 Jul 2022 02:06:35 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 11 Jul 2022 02:06:35 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 0D3C 43 B
376 B 39ms
15ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-06t7?s=&cim=&ps=true&ls=true&duid=bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 11 Jul 2022 02:06:35 GMT
via: 1.1 varnish
server: nginx
x-timer: S1657505195.072318,VS0,VE9
x-served-by: cache-fra19141-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i6.liadm.com/s/ Frame 0D3C
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
419 B

271ms
91ms

Image
image/gif

2600:1f18:444a:4680:94f0:86a5:229d:eb8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:94f0:86a5:229d:eb8a Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 02:06:35 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Date: Mon, 11 Jul 2022 02:06:35 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 widget.php Show response
hawk.tomsguide.com/ 5 KB
2 KB 8ms
7ms Fetch
application/json 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/widget.php?model_name=TechRadar%20Magazines&article_type=hub&article_category=retail&language=en-DE&site=TOMSGUIDE&filter_product_types=deals%2Csubscriptions&rows=1&device=desktop&origin=widgets-clientside

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6255429eb2cc6f736fe82cb88c0f90a2fb3b7cedb77a50d84160fd414eb9efc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:35 GMT
content-encoding: gzip
x-hawk-country
xkey: match-id-2351129, model-id-783095
age: 3117
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 1422
x-ftr-expires: Mon, 11 Jul 2022 01:34:37 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:C566_00000000:01BB_62CB79EE_4AED4DA:295C
x-timer: S1657505195.060306,VS0,VE1
x-served-by: cache-lon4282-LON, cache-fra19170-FRA
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
x-resp-is-stale: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 1, 1

GET
H2 200 promotion.js Show response
hawk.tomsguide.com/js/w/es6/16.26.7-57c9781e51685a1b0e611d8c457af11a8238ad31/ 42 KB
9 KB 8ms
7ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hawk.tomsguide.com/js/w/es6/16.26.7-57c9781e51685a1b0e611d8c457af11a8238ad31/promotion.js

Requested by

Host: hawk.tomsguide.com
URL: https://hawk.tomsguide.com/js/w/es6/responsive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4f58a01395f1a7278bec8e47c59823858710638bdf733d9b985ce23c6f267c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:35 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 381877
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 9461
x-ftr-expires: Wed, 13 Jul 2022 16:01:57 GMT
x-ftr-balancer: hawkproxyprodred
x-cache: HIT, HIT
x-ftr-request-id: 00000000:5546_00000000:01BB_62C5B45B_5F76D9E:51A4
last-modified: Wed, 06 Jul 2022 15:55:43 GMT
x-timer: S1657505195.078167,VS0,VE1
etag: W/"62c5b07f-a9d9"
x-served-by: cache-lon4252-LON, cache-fra19153-FRA
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=604800, immutable, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
21ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=954206411&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliates&ea=Hawk%20appeared&el=%7B%22promotion%22%3A1%7D&_u=6GDAAEABBAQCAG~&jid=599653182&gjid=549086922&cid=2121409878.1657505194&tid=UA-72111741-10&_gid=591614542.1657505194&_r=1&cd31=9.6&cd30=4g&cd5=null&cd12=null&cd14=null&cd16=null&cd17=1&cd25=null&cd33=null&cd37=null&cd48=null&cd60=null&cd65=null&cd66=null&cd73=null&cd75=null&cd76=null&cd84=null&cd90=null&cd105=null&cd111=null&cd115=null&cd116=null&cd117=null&cd118=null&cd122=null&cd124=null&cd125=null&cm1=1725&cm3=166.4000005722046&cm6=61.90000057220459&cm27=1013&z=1659728053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 02:06:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
mos.fie.futurecdn.net/logos/models/ 14 KB
15 KB 265ms
9ms Image
image/jpeg 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mos.fie.futurecdn.net/logos/models/hlwce5dqzq4wsnmg-16040076574048-250-80.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.116 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 12 Jun 2022 12:58:00 GMT
X-FTR-Cache-Resized-Status: MISS
Age: 2466515
X-FTR-DC: IX
X-FTR-Realm: pip
X-FTR-Backend: mos
Connection: keep-alive
Content-Length: 14272
X-FTR-Balancer: bulkproxyprodred
X-FTR-Request-ID: 00000000:A89F_00000000:0050_5FA6F75D_383AF9:0C4B
Last-Modified: Thu, 29 Oct 2020 21:40:57 GMT
Server: nginx
ETag: "8d6a8139d9085d797db649ca8cd161d5"
Content-Type: image/jpeg
X-FTR-Backend-Server: mos05
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-FTR-Cache-Host: moscache05
Expires: Tue, 12 Jul 2022 12:58:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Ping
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 02:06:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 61ms
24ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72111741-10&cid=2121409878.1657505194&jid=599653182&gjid=549086922&_gid=591614542.1657505194&_u=6GDAAEABBAQCAG~&z=715058003

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tomsguide.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Jul 2022 02:06:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.tomsguide.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10055482/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

10ms
10ms

Script
application/javascript

108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 01:59:23 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 433
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: x5dWbqkfB2YYWdL6JwIPT2sqbW_SdcW7iCejHapxirrlru9VWo83uA==

Redirect headers

location: /internal-cs/default/beacon.js
date: Mon, 11 Jul 2022 02:06:35 GMT
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-length: 0
x-amz-cf-id: jAjwrxOnEFctxFTLmpIxTSuX4QXmUTgPIykPCWSmFHK-3oRh5NykYw==
x-cache: Miss from cloudfront

GET
H2 204 b2
sb.scorecardresearch.com/ 0
189 B 15ms
14ms Image
text/plain 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=40&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1657505195580&ns_c=UTF-8&c7=https%3A%2F%2Fwww.tomsguide.com%2Fnews%2Fdo-not-open-windows-10-update-sent-via-email-its-ransomware%3Futm_source%3Dnotification&c8=404&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-38.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tomsguide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 02:06:35 GMT
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Qm7vWnxp-erhTdlCaNPeQuTMAcasirXjkc0p0NnwYQYAaZM8VskbvA==
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tomsguide.com/news	1970-01-20 04:25:05	Name: _liChk Value: 0.7096326750390836
i.liadm.com/s	1970-01-20 05:08:17	Name: _li_ss Value: MgUIBhDeEjIFCAoQ3hIyBQgLEN4SMgUIfhDeEjIGCIsBEN4SMgUIeRDeEjIGCIEBEN4SMgUIDBDeEjIJCP____8HEN4S
.www.tomsguide.com/	1969-12-31 23:59:59	Name: FTR_Country_Code Value: DE
.www.tomsguide.com/	1969-12-31 23:59:59	Name: FTR_Cache_Status Value: MISS-CLUSTER
.www.tomsguide.com/	1970-01-20 13:10:41	Name: usprivacy Value: 1YNN
.tomsguide.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .tomsguide.com
.tomsguide.com/	1970-01-20 21:56:17	Name: _lc2_fpi Value: bdf8ac163f3a--01g7ng47rp45sb69e6vhh5ah5j
.servebom.com/	1970-01-20 13:10:41	Name: u Value: C759460AC30D407781112DB4CBE7D620
.tomsguide.com/	1970-01-20 04:25:06	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification%22%2C%22sref%22:%22%22%2C%22sts%22:1657505193798%2C%22slts%22:0}
.tomsguide.com/	1970-01-20 13:54:29	Name: _parsely_visitor Value: {%22id%22:%22pid=0f94b041e747165828e50accf1f7014e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1657505193798}
www.tomsguide.com/	1970-01-20 06:11:53	Name: h_id Value: C759460AC30D407781112DB4CBE7D620
uk-script.dotmetrics.net/	1970-01-20 04:35:09	Name: AWSALBCORS Value: sISqiYwJ8Pw1dn5f/HBAtcLdQAcj8tZeLkHUsyvuFe9P9j8cfBfqOQaAHGxpuk/ZqHyE7Q5S8iq9dSEX3HrxvVlr8RaHwBazIkeYeFyjyvnxdyCDd/1yL3JlDNzX
.dotmetrics.net/	1970-01-20 13:10:41	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 13:10:41	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=d6429995-0fac-4f9f-bff4-133144cf3620&Created=07/11/2022 02:06:33&UserMode=0&guid=103729d3-1004-42d0-8afa-4b657e0c1eaa&ver=1
.tomsguide.com/	1970-01-20 04:25:08	Name: AMP_TOKEN Value: %24NOT_FOUND
.tomsguide.com/	1970-01-20 21:56:17	Name: _ga Value: GA1.2.2121409878.1657505194
.tomsguide.com/	1970-01-20 04:26:31	Name: _gid Value: GA1.2.591614542.1657505194
.tomsguide.com/	1970-01-20 04:25:05	Name: _gat Value: 1
.liadm.com/	1970-01-20 21:56:17	Name: lidid Value: 3a73bb2b-139f-4b08-a757-f93f20b166a1
.mathtag.com/	1970-01-20 13:51:00	Name: uuid Value: 420562cb-85ab-4000-afc0-9909ea8ee136
.tomsguide.com/	1970-01-20 04:25:05	Name: _gat_hawkWidgetsAffiliate Value: 1
.bidswitch.net/	1970-01-20 13:10:41	Name: tuuid Value: 419a6abf-6511-4243-af8e-d29fdc179b5a
.bidswitch.net/	1970-01-20 13:10:41	Name: c Value: 1657505195
.bidswitch.net/	1970-01-20 13:10:41	Name: tuuid_lu Value: 1657505195
.demdex.net/	1970-01-20 08:44:17	Name: demdex Value: 19243429336510830360381124562509555723
.dpm.demdex.net/	1970-01-20 08:44:17	Name: dpm Value: 19243429336510830360381124562509555723
.addthis.com/	1970-01-20 13:55:19	Name: na_id Value: 2022071102063500014639424511
.addthis.com/	1970-01-20 13:55:19	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:55:19	Name: uid Value: 62cb85ab8b831868
.addthis.com/	1970-01-20 13:55:19	Name: ouid Value: 62cb85ab00010cba385ccf9abb308d6bc4b28baceb9253d839dc
.dlx.addthis.com/	1970-01-20 05:08:17	Name: na_sc_x Value: 1
.doubleclick.net/	1970-01-20 13:46:41	Name: IDE Value: AHWqTUmM_Tx130ezKcn7JtF_cgsW96sdHhdlQYwpHjQVh3dSjSf40oAkm3Jx73AcmZs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tomsguide.com/news/do-not-open-windows-10-update-sent-via-email-its-ransomware?utm_source=notification Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
ads.servebom.com
ampcid.google.com
ampcid.google.de
audit-tcfv2.quantcast.mgr.consensu.org
b-code.liadm.com
b1sync.zemanta.com
bordeaux.futurecdn.net
cdn.onesignal.com
cdn.parsely.com
champagne.futurecdn.net
cm.g.doubleclick.net
dpm.demdex.net
freyr.futurecdn.net
hawk.tomsguide.com
i.liadm.com
i6.liadm.com
match.adsrvr.org
mos.fie.futurecdn.net
p1.parsely.com
quantcast.mgr.consensu.org
rm-script.dotmetrics.net
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
sb.scorecardresearch.com
search-api.fie.future.net.uk
secure.quantserve.com
sli.tomsguide.com
sommelier.futurehybrid.tech
stats.g.doubleclick.net
sync.mathtag.com
test.quantcast.mgr.consensu.org
trc.taboola.com
uk-script.dotmetrics.net
vanilla.futurecdn.net
www.google-analytics.com
www.tomsguide.com
x.bidswitch.net
x.dlx.addthis.com
104.89.42.102
107.21.19.116
108.157.4.38
13.225.78.20
151.101.2.114
151.139.128.11
172.217.16.130
18.192.243.114
18.64.87.36
185.113.25.51
185.29.134.248
199.232.194.114
2600:1f18:444a:4680:94f0:86a5:229d:eb8a
2600:1f18:730:b150:1cf:88dc:54d8:eec2
2600:9000:20eb:9800:8:8845:1500:93a1
2600:9000:21f3:7400:3:a4cd:8380:93a1
2600:9000:21f3:8800:d:5ce3:a4c0:93a1
2600:9000:223c:d000:6:44e3:f8c0:93a1
2600:9000:2240:f000:9:46dc:4700:93a1
2606:4700::6812:551
2606:4700::6812:e234
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::200e
2a00:1450:4001:809::200e
2a00:1450:4001:813::200e
2a00:1450:400c:c07::9a
2a02:26f0:ef::5f65:4db1
2a04:4e42:200::300
34.248.31.134
35.71.131.137
52.59.173.142
54.154.32.144
54.155.18.159
54.156.247.58
70.42.32.127
8.253.204.116
0457f9ac253ff3a01cbcba04798a6ccdea64b7a238a82ba20c851ef920afa497
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
12b9d92963b594157b22adeebfbcf463b80c5d504f0fefe3bee1533e20a996c9
1af8a10c6198cf2d75bef019db6823e5357d7c658f62996390f85d73a80618d9
1f99df25793cd6d506f39faad8be261bef18fc93dd54eadc33f017fbc59203a3
24085d68bea58b22f39cb290e7ebc0d993fcf51df6a3e20fd24f15beebcd958a
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d57f2798d971f5368ceab357b317ff1794ffa5111302afecc6ef9af1f01e536
2e3b72b73c3515d726bf930bf8911fc70746f4cd1763b0b432fee146c5e202ff
350786f64e0b10bb61083f97962b7d0e490ccb41eabad5189059e17d4b3a6b03
38443a71154cc85ec50ba67abc25af25c574c7d84825b22293ceb155eb14c1d2
3fd4241f120e0bf4d7d2c6ef66e0a29704e089eaf14484e2e434873714eb03a2
4d708f3d2560b73d6f4ea869b1470bb52ec8e0cbaca4fb164a766ab54891bb6a
4ec3c004ee334755536b515e20d63b626396d89ec4b6f0d1e060e2e01108a158
5220d9201f54033f975ceefc9405f7aad17201caf309a89ff772ce9b7919f3cb
526adcba8efa179e2e1e2865fb5befe0f2f69b8d9b59368f04741b49245277d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a292d2f224a634f7f47110eaeebd9b006c25a24bdde2099bd6475ce7f565579
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
6255429eb2cc6f736fe82cb88c0f90a2fb3b7cedb77a50d84160fd414eb9efc2
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff112c18368541d7ed900403252884e9f7388b704ae7343a1fd08a4f3384374
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
924a2c1c303fe3ffb0db525fe1fb9fecc5fa6752c6694eab84e55673ef10f228
945b9cbb4b1dfdabe7d762a4b33144ea8187e09fbef5ef5c1ad7e483c501100c
9704b0745aaff2d2ecbfc16363a2fe99d52201209300e4c6d0a03a9708ecf80b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa94851a973545354a9cf83b885d3cfe25981fe90a6c90d3ad1023a3bd2c889a
ab07aa35915f4b920dd8e09a9786af753ed0c736a8b325a7bcf411111548f40e
b962298dc9295283d343e926a4fb9c92df1867ad6e9c9420326c74289da97b63
c2ae0dc857a0f6582fda4c1c099c9a8d55290474211f151981435e62b78a30c9
c681185172b31540ba25420b054eb68c41fc623b7396cf7002b0b561abfd6660
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd058e51526b3cec4f24d62da25e068dddd98f10809f5f46cde0013c006d8607
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2177c3baaef8bb4a8bbb0a15eafd9c53d47be47566b204bf6b85613fa68a811
d4f58a01395f1a7278bec8e47c59823858710638bdf733d9b985ce23c6f267c1
d60d916ba199f3562c1113649c427e8546ec20f39447fc78ef99f68a47060263
d81ecdfd770abb03106fc5106e92380e2ee6dc602ffdd25f3d6e2e622fdf5a10
d842cf9d834cfd4d63771d7d5bc1344c634fbcb5958b4e4b71f6963ac64773f5
db05f1ddc62767ef68877bf48413c23ef78ec1efc4ebdecb06bd6f74057cc353
db19a20a4f38fc3a68afe595388f29b42587ce4e74bd4cb1d3a9f65972c28ea6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e05f63bc7d192f836e2660648e2cc57e38204a55dfb600bddd58f01cd7111313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f423b225e6202de06913ffd607a71ea622478d518301f145f078adf9051db9
ecce228745126f5c213f56d5fb8d97a43079f53e2fc83a4cded0075da5fade56
ecedba532a12df44f5a0e0546873855d5223a48c11591930a9784532efdb2d47
fd6e08d5b2f4112a6817f301788849cb7ce7ee3c9d90cfcdf3ae1df11fdfc9d4

www.tomsguide.com Open in urlscan Pro 199.232.194.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

88 %HTTPS

44 %IPv6

25 Domains

40 Subdomains

31 IPs

5 Countries

1160 kBTransfer

5030 kBSize

32 Cookies

15 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tomsguide.com Open in urlscan Pro
199.232.194.114 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

88 %
HTTPS

44 %
IPv6

25
Domains

40
Subdomains

31
IPs

5
Countries

1160 kB
Transfer

5030 kB
Size

32
Cookies

68 HTTP transactions
0 data transactions