www.infosecurity-magazine.com Open in urlscan Pro
3.166.192.116  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

• https://idsync.rlcdn.com/395886.gif?partner_uid=3646136418869706809 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjEzNjQxODg2OTcwNjgwORAAGg0IldLQtQYSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=424c32de12bb21142885737e4fb8bf71703e3b03641a36ac57d37921028309bdf4cb09cee1a4f8eb&person_id=3646136418869706809&eid=50082

Request Chain 73

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
• https://ml314.com/utsync.ashx?eid=53819&et=0&fp=28cd8600-a2b2-46f1-9587-61ddccf95b3b&gdpr=0&gdpr_consent=

Request Chain 74

• https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646136418869706809 HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646136418869706809 HTTP 302
• https://ml314.com/csync.ashx?fp=f6485264daa9a4bfa507636584e8abe3&eid=50146&person_id=3646136418869706809

Request Chain 75

• https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
• https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2o6uY3FWRXpvqe0JY3L98VchhbNAC3NFOHaL0BMDBonQ&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
• https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 78

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5460932%26time%3D1723083029360%26url%3Dhttps%253A%252F%252Fwww.infosecurity-magazine.com%252Fnews%252Fmicrosoft-365-phishing-alert%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQInoTuf_dL1GwAAAZEvwH8jbwE5loVUbWllzD4hF1q_vZLmx6hcEmJBmfCeHEwWcOYrSA

Request Chain 81

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=645982266&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&eitems=ChEI8LbMtQYQy5uQ8faRgrrzARIdAFQrdb5vcnhrW-839RWAZ4eCpCVV7pgt-ONPSGY&pscrd=IhMIztiIv6jkhwMV0QuICR3GkDO_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS HTTP 302
• https://www.google.com/pagead/1p-conversion/875375440/?random=645982266&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIztiIv6jkhwMV0QuICR3GkDO_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSKQDpaXnf7bDNqCGWdwfizc0jbjrNrvvG938qc0HAL9Ur9r3cE0L93qet&eitems=ChEI8LbMtQYQy5uQ8faRgrrzARIdAFQrdb6bdfLkm0KqB9fS5FZv0CeHvlIsR0Tgqfc&random=622350952

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/	98 KB 25 KB	533ms 230ms	Document text/html	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash 3ab67b9b856196b62fe851d8d5c573fbfdac32a644e6c04c3a1bf9ee029a0c91 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * age 192 cache-control public, proxy-revalidate, max-age=300 content-encoding br content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content content-type text/html; charset=utf-8 date Thu, 08 Aug 2024 02:07:13 GMT feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' last-modified Wed, 07 Aug 2024 15:45:00 GMT permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() referrer-policy same-origin server RX vary Accept-Encoding via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-id s8X07RIg_-PHBzAwEjGgt4yyJ6urX_f1iuVYWSLD4GrHYzdTAsMqhA== x-amz-cf-pop PHL51-P2 x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-ua-compatible IE=Edge x-xss-protection 1; mode=block
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 31 KB	421ms 145ms	Script text/javascript	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash 3b9941659df27e214f5e07f55543eb7939117b42d676d10323604ab30ff9bdd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:26 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31681 x-xss-protection 0 server cafe etag 109 / 19943 / 31085955 / config-hash: 4825155690521937780 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 08 Aug 2024 02:10:26 GMT
GET H2	200	jquery.min.js Show response cdn.jsdelivr.net/npm/jquery@3.7.0/dist/	85 KB 32 KB	231ms 61ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery@3.7.0/dist/jquery.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 08 Aug 2024 02:10:26 GMT x-content-type-options nosniff content-encoding br age 1388498 x-jsd-version 3.7.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 32087 x-served-by cache-fra-eddf8230028-FRA, cache-bur-kbur8200173-BUR x-jsd-version-type version etag W/"155a6-Wp7qw02G6S5WYOD0+HIE8e0Mj/Y" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	underscore-min.min.js Show response cdn.jsdelivr.net/npm/underscore@1.13.6/	19 KB 8 KB	251ms 83ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/underscore@1.13.6/underscore-min.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bb20d24b99fd1eae4fd77c1e833ce0a4536189961ceb1114fd272ca31e8ebd82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 08 Aug 2024 02:10:26 GMT x-content-type-options nosniff content-encoding br age 689321 x-jsd-version 1.13.6 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 8075 x-served-by cache-fra-eddf8230089-FRA, cache-bur-kbur8200173-BUR x-jsd-version-type version etag W/"4d5b-1Barardb3Bq5uc0bP3wXZk8NDAQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	phq8nwg.css use.typekit.net/	11 KB 1 KB	854ms 360ms	Stylesheet text/css	2600:141b:f000:1e::1737:f351 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/phq8nwg.css Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:1e::1737:f351 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 85b50ffe6b0cb56f765532dbac925599ddd984fcaefb0e2590099105dbd044da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Thu, 08 Aug 2024 02:10:26 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1297
GET H2	200	base.min.css www.infosecurity-magazine.com/_common/css/23080201/	66 KB 10 KB	148ms 147ms	Stylesheet text/css	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/css/23080201/base.min.css?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash c08e633b39381743b6e6bca9c5922e9aa9ba5f3044c29031b0076a47b4af1927 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 00:35:31 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 age 5695 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Wed, 29 May 2024 12:14:18 GMT server RX etag W/"5d7f1bbc1b1da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type text/css vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id mUKhLOw9wNlpq-2AsAHY8-Z5eXsefdcSuEnnUJnAFnIG9B0YLlA9kg==
GET H2	200	article.min.css www.infosecurity-magazine.com/_common/css/23080201/	5 KB 3 KB	138ms 136ms	Stylesheet text/css	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/css/23080201/article.min.css?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash 778f93243401b2fd6663834b51f4d3f32012d6ee11f40f6169af721331bd1682 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 16:06:35 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 age 36231 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Wed, 29 May 2024 12:14:18 GMT server RX etag W/"97984bbbc1b1da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type text/css vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id 1jO8gekhzrbwRz48LWZDWKzD3N6NH_CTq9kYw_nmgAxeqlpauUzb7g==
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	257ms 77ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Wbr2pAeg61Hfi+2FuD0cYA== age 35877 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Tue, 06 Aug 2024 16:00:59 GMT server cloudflare etag 0x8DCB630F6828A85 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id d000050e-801e-00d1-6331-e82ed5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf8516f5f0c9f-LAX
GET H2	200	ism.js Show response www.infosecurity-magazine.com/_common/js/23080201/	5 KB 3 KB	156ms 155ms	Script application/javascript	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/js/23080201/ism.js?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash fded88b84aecf0d550b1d26a85a971351a138a573dbd6bd88cb646de1e7ab42a Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 16:01:01 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 age 36565 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 03 Aug 2023 12:59:01 GMT server RX etag W/"6a124d46ac6d91:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/javascript vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id MsLpS5837OkcUgIqsIMaQCk9ckYtwSiPCb5AFJ-FTartvtc9yo6fTA==
GET H2	200	ism.ads.es5.min.js Show response www.infosecurity-magazine.com/_common/js/23080201/ism/	6 KB 3 KB	143ms 142ms	Script application/javascript	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.ads.es5.min.js?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash cbe5296bf61f4ee88ecab204fe1ec3a144660caa32b71d9744f01102286df62a Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:06:25 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 age 3841 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Wed, 29 May 2024 12:14:31 GMT server RX etag W/"4e8ac8c2c1b1da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/javascript vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id dqOxKdiiVg0vfCUh6yM0AzoXM_IjSGg8CzvJx3GlZxpX9PqEKJJbgA==
GET H2	200	ism.whatshot.es5.min.js Show response www.infosecurity-magazine.com/_common/js/23080201/ism/	851 B 2 KB	135ms 134ms	Script application/javascript	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.whatshot.es5.min.js?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash ecde3c0d9f4721fd5bc3989d1e6103966b836786849f65ead031a1c758687ef0 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:11:58 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 age 3508 x-cache Hit from cloudfront content-length 851 x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Wed, 29 May 2024 12:14:29 GMT server RX etag "444aa9c1c1b1da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/javascript feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() accept-ranges bytes access-control-allow-headers Content-Type x-amz-cf-id _4lVbtzHkibzkuOylfbfFPjmosVsToOov-I1xIQaeDLFUU-crFzDnw==
GET H2	200	p.css p.typekit.net/	5 B 172 B	571ms 130ms	Stylesheet text/css	2600:141b:f000:1e::1737:f353 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=phq8nwg&ht=tk&f=15982.15984.37450.16353.37464.37466.37515.37516.37517.37518.37519.37520.51838.51839.51840.51841&a=6157095&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:1e::1737:f353 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:27 GMT last-modified Sun, 10 Mar 2024 12:44:13 GMT server nginx etag "65edab1d-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	6b575081-117f-49ba-bff7-347875107505.json Show response cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/	4 KB 2 KB	235ms 101ms	XHR application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/6b575081-117f-49ba-bff7-347875107505.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 320b23415a9ca25f7546db36c5b7e2e2104f8c62e73fbdb184c03dc0948e3afb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 31174 content-md5 cmmGmuVtZN6ImPkSS45ukA== content-length 1562 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 06:44:02 GMT server cloudflare etag 0x8DC90F45F43E159 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id bffd4a0f-f01e-007f-14f1-c20db8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf85a28562aa9-LAX expires Fri, 09 Aug 2024 02:10:27 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	312 KB 105 KB	435ms 149ms	Script application/javascript	2607:f8b0:4004:c21::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 10a3b99dcaf3e68f418c4203bee36484e7b082d94440c857247bf5c4869db201 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 107462 x-xss-protection 0 last-modified Thu, 08 Aug 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Aug 2024 02:10:27 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	404ms 124ms	Script text/javascript	2607:f8b0:400d:c03::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c03::71 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 08 Aug 2024 01:50:23 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1204 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 08 Aug 2024 03:50:23 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/	473 KB 148 KB	131ms 125ms	Script text/javascript	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 10:12:56 GMT content-encoding br x-content-type-options nosniff age 57451 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 151286 x-xss-protection 0 server cafe etag 16318545838041958494 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Thu, 07 Aug 2025 10:12:56 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	216 B 131 B	414ms 169ms	XHR application/json	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.infosecurity-magazine.com Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash d19131eba40ee5851cddc9d1f80f5b3a8d3dcc94631f6216e9d2373cfa087741 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:27 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:27 GMT
GET H2	200	1288a34e-cc8a-42eb-a047-948c83f0ff94.jpg assets.infosecurity-magazine.com/webpage/feat/	64 KB 65 KB	297ms 238ms	Image image/jpeg	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.infosecurity-magazine.com/webpage/feat/1288a34e-cc8a-42eb-a047-948c83f0ff94.jpg Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash f4242b06dc57a299a32be1ae45fb6eaddcec062a22620239bf5c48a75ae9a822 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:16 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) server RX x-amz-cf-pop PHL51-P2 age 11 x-amz-cf-id X9TAhanFi-RLZSN3FF_y5If0Sf7zyZNz_UrEZCuzC-IDuArE3KVXaQ== x-frame-options SAMEORIGIN x-cache Hit from cloudfront content-type image/jpeg cache-control private, max-age=2764800 content-length 66013 x-xss-protection 1; mode=block x-ua-compatible IE=Edge
GET H2	200	l use.typekit.net/af/73dbad/00000000000000007735a197/30/	24 KB 24 KB	551ms 174ms	Font application/font-woff2	2600:141b:f000:1e::1737:f351 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/73dbad/00000000000000007735a197/30/l?subset_id=2&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:1e::1737:f351 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4ca1e0e518aaf5d78abd4fc78268ac642cb679dbb56a905d2c57a296566a0bba Request headers Referer https://use.typekit.net/phq8nwg.css Origin https://www.infosecurity-magazine.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:27 GMT server nginx etag "550ca47a88a465c010c13a8c017f04a91a75a9a4" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 24168
GET H2	200	l use.typekit.net/af/2180b4/00000000000000007735a193/30/	23 KB 23 KB	643ms 267ms	Font application/font-woff2	2600:141b:f000:1e::1737:f351 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/2180b4/00000000000000007735a193/30/l?subset_id=2&fvd=n6&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:1e::1737:f351 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash a45a4393f8b7ac978e32ac46f58dad43eb83811a4b3d9f7b79cac1f864edd662 Request headers Referer https://use.typekit.net/phq8nwg.css Origin https://www.infosecurity-magazine.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT server nginx etag "d42a9fe146eae2c4c65475dbd44806c5aed58d8b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 23312
GET H2	200	l use.typekit.net/af/32b0e4/00000000000000007735a185/30/	44 KB 45 KB	511ms 136ms	Font application/font-woff2	2600:141b:f000:1e::1737:f351 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/32b0e4/00000000000000007735a185/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:1e::1737:f351 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155 Request headers Referer https://use.typekit.net/phq8nwg.css Origin https://www.infosecurity-magazine.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:27 GMT server nginx etag "dead750a1d4bc579636464295fb9e45aa84c4884" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 45468
GET H2	200	605bfdcb-abca-4e31-9902-3a3d746228ce.png assets.infosecurity-magazine.com/s3/infosec-media/images/profile/	2 KB 2 KB	134ms 133ms	Image image/webp	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.infosecurity-magazine.com/s3/infosec-media/images/profile/605bfdcb-abca-4e31-9902-3a3d746228ce.png?width=64&height=64&mode=crop&scale=both&format=webp Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash 07ac84596d158248a60c2f747f609a508e6e2f1980a23f0608caee79a30291b7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 19 Jul 2024 19:37:37 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-aspnet-version 4.0.30319 x-amz-cf-pop PHL51-P2 age 1665170 x-cache Hit from cloudfront content-length 1686 x-xss-protection 1; mode=block x-ua-compatible IE=Edge server RX x-frame-options SAMEORIGIN content-type image/webp cache-control public x-amz-cf-id tep3D5cSqM6KxHaH33Q0HwYMzCVICq6oHFLRhhWC2_PXiycpnQ6hzQ== expires Tue, 20 Aug 2024 19:37:37 GMT
GET H2	200	/ Show response www.infosecurity-magazine.com/account-buttons/	240 B 2 KB	340ms 339ms	XHR application/json	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/account-buttons/?time=1723083027559 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash 4e916eb59cd64cce6fc41e3355180f0284ae0edc2602686431e90f2e7f082652 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers X-NewRelic-ID Vg8GV1ZVCxACUFBSAgMEV1c= tracestate 2916063@nr=0-1-2916063-322535572-ac24bb69618a50c2----1723083027561 traceparent 00-f61f9425cb37fbb019b898f1157187e6-ac24bb69618a50c2-01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiYWMyNGJiNjk2MThhNTBjMiIsInRyIjoiZjYxZjk0MjVjYjM3ZmJiMDE5Yjg5OGYxMTU3MTg3ZTYiLCJ0aSI6MTcyMzA4MzAyNzU2MX19 Accept */* Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ X-Requested-With XMLHttpRequest Response headers date Thu, 08 Aug 2024 02:10:27 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 x-cache Miss from cloudfront content-length 240 x-xss-protection 1; mode=block x-ua-compatible IE=Edge pragma no-cache referrer-policy same-origin server RX x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/json; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id Rwxf4nsr8V3gtLPqsjrW_uIhUTo5QuuDkO8-Akqv5so4F_UDodfYRg== expires -1
GET H2	200	/ Show response www.infosecurity-magazine.com/nav/mobile/	4 KB 2 KB	342ms 342ms	XHR text/html	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/nav/mobile/ Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash 53fc4495c7705b2373e2b73ec881c82dffb40cfbd744d8e5bd8ba7f5a018575b Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers X-NewRelic-ID Vg8GV1ZVCxACUFBSAgMEV1c= tracestate 2916063@nr=0-1-2916063-322535572-e52480666b3b002f----1723083027562 traceparent 00-198dfc9fd04fa4dbb1e139b870004deb-e52480666b3b002f-01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiZTUyNDgwNjY2YjNiMDAyZiIsInRyIjoiMTk4ZGZjOWZkMDRmYTRkYmIxZTEzOWI4NzAwMDRkZWIiLCJ0aSI6MTcyMzA4MzAyNzU2Mn19 Accept */* Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ X-Requested-With XMLHttpRequest Response headers date Thu, 08 Aug 2024 02:10:27 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 x-cache Miss from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin server RX x-frame-options SAMEORIGIN access-control-allow-methods * content-type text/html; charset=utf-8 vary Accept-Encoding cache-control private feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id T7ysph8Tuwv5oIdVloXqoV-ulPYpzQSQ5tF_6ABZExQMw1MqHsFnGw==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	71 B 309 B	224ms 86ms	XHR application/json	2606:4700::6812:1d7f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1d7f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8afbf85bce1528f2-LAX access-control-allow-headers Content-Type
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202405.2.0/	451 KB 110 KB	73ms 71ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:27 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ryx3T13YxV6i1yEKSnAPIA== age 13867 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 112015 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:45 GMT server cloudflare etag 0x8DCA5E423ECD5E2 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 96934d7a-301e-0069-12ce-d7cc26000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf85c6c0c0c9f-LAX
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame 297D	0 0	367ms 121ms	Document text/html	74.125.192.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f154.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1860 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 28915 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 08 Aug 2024 01:39:28 GMT expires Thu, 08 Aug 2024 02:29:28 GMT last-modified Mon, 05 Aug 2024 19:44:26 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	46 KB 18 KB	216ms 214ms	XHR text/plain	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2787418353741155&correlator=1537110106089198&eid=31085955%2C31084181%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408060101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cmicrosoft-365-phishing-alert&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=33&sc=1&cookie_enabled=1&abxe=1&dt=1723083028026&lmt=1723045500&adxs=436&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&vis=1&psz=1600x50&msz=728x50&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723083025927&idt=1946&cust_params=topics%3DApplication%2520Security%252CCybercrime%252CData%2520Protection%252CHuman%2520Factor%252CInternet%2520Security%252CPhysical%2520and%2520Information%2520Security%2520Convergence%252CRisk%2520Management%252CWeb%2520Application%2520Security%252CPhishing%252CData%2520Loss%2520Prevention%252CSocial%2520Engineering%252CSecurity%2520Training%2520and%2520Awareness%252CEmail%2520Security%252CPenetration%2520Testing%252CVulnerability%2520Management&adks=3449391486&frm=20&eoidce=1 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash 51a15fb4a7e00d4feff5709ad1bfdec9c168ae550de6350b0988d43574e265a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18114 x-xss-protection 0 google-lineitem-id 6756735823 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138483628915 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	46 KB 18 KB	181ms 179ms	XHR text/plain	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2787418353741155&correlator=2839256091939430&eid=31085955%2C31084181%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408060101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cmicrosoft-365-phishing-alert&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=33&sc=1&cookie_enabled=1&abxe=1&dt=1723083028044&lmt=1723045500&adxs=1046&adys=760&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&vis=1&psz=364x329&msz=300x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723083025927&idt=1946&cust_params=topics%3DApplication%2520Security%252CCybercrime%252CData%2520Protection%252CHuman%2520Factor%252CInternet%2520Security%252CPhysical%2520and%2520Information%2520Security%2520Convergence%252CRisk%2520Management%252CWeb%2520Application%2520Security%252CPhishing%252CData%2520Loss%2520Prevention%252CSocial%2520Engineering%252CSecurity%2520Training%2520and%2520Awareness%252CEmail%2520Security%252CPenetration%2520Testing%252CVulnerability%2520Management&adks=1886982906&frm=20&eoidce=1 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash 0afb23bcf46776cbdd3dba955c7fb5dbdf62496649261505b0e96149cd02791c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17981 x-xss-protection 0 google-lineitem-id 6763073944 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138485117449 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	46 KB 18 KB	222ms 220ms	XHR text/plain	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2787418353741155&correlator=1037450853514459&eid=31085955%2C31084181%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408060101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cmicrosoft-365-phishing-alert&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=33&sc=1&cookie_enabled=1&abxe=1&dt=1723083028049&lmt=1723045500&adxs=436&adys=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&vis=1&psz=1600x50&msz=728x50&fws=512&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723083025927&idt=1946&cust_params=topics%3DApplication%2520Security%252CCybercrime%252CData%2520Protection%252CHuman%2520Factor%252CInternet%2520Security%252CPhysical%2520and%2520Information%2520Security%2520Convergence%252CRisk%2520Management%252CWeb%2520Application%2520Security%252CPhishing%252CData%2520Loss%2520Prevention%252CSocial%2520Engineering%252CSecurity%2520Training%2520and%2520Awareness%252CEmail%2520Security%252CPenetration%2520Testing%252CVulnerability%2520Management&adks=11265656&frm=20&eoidce=1 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash 14165a6f025340ebea2a79ea8474516a10c0d8c231b8d09ce9ecaeef490d71be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17971 x-xss-protection 0 google-lineitem-id 6754498719 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138482880093 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 0b6c6931b6a653baec584434d7e43c13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 262D	0 0	458ms 122ms	Document text/html	2607:f8b0:400d:c0e::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://0b6c6931b6a653baec584434d7e43c13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 08 Aug 2024 02:10:28 GMT expires Thu, 08 Aug 2024 02:10:28 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/	54 KB 14 KB	97ms 96ms	Fetch application/x-javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/en.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 722b835dd570d6861f5cbf3513ecfe92232a26f68dd054d64415b271396b818a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 31173 content-md5 D5PKW79w5z4Qq3Mfl/+DAA== content-length 13909 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 06:44:05 GMT server cloudflare etag 0x8DC90F460CF07B1 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 645a0455-601e-0071-37dd-c2e1b3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf85e2ebc2aa9-LAX expires Fri, 09 Aug 2024 02:10:28 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	307 KB 103 KB	152ms 150ms	Script application/javascript	2607:f8b0:4004:c21::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b0d6c24d761f076af29555f4b42e46cbed32acc3acb0c5c211a2e031c140e525 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104946 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 08 Aug 2024 02:10:28 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 0	0ms 0ms	Script text/javascript	2607:f8b0:400d:c03::71 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c03::71 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:50:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1204 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 08 Aug 2024 03:50:23 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	268 KB 92 KB	192ms 192ms	Script application/javascript	2607:f8b0:4004:c21::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-875375440&l=dataLayer&cx=c Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eca8dbbfb6e1b5a3a2491b069b113f9f0d894fb59868255839751fe7fde3bfab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 93929 x-xss-protection 0 last-modified Thu, 08 Aug 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Aug 2024 02:10:28 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	878ms 464ms	Script application/javascript	2600:141b:f000:1e::1737:f346 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:f000:1e::1737:f346 Edison, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:29 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 24 Jul 2024 05:33:09 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=60746 accept-ranges bytes content-length 14597
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 60 KB	393ms 118ms	Script application/x-javascript	2a03:2880:f003:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 08 Aug 2024 02:10:28 GMT document-policy force-load-at-top x-fb-server-load 43 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58865 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=12, mss=1297, tbw=2807, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug B/4iJY8hFYSuqcdhVdRgbI8fy3Z333z7ZzrgGzYXVBV+zbhjj1awTFIP7Wo4BFIcPuj3Ujmvpr1TUFjyIqPayg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	oct.js Show response static.ads-twitter.com/	56 KB 15 KB	365ms 89ms	Script application/javascript	146.75.40.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/oct.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.40.157 Seattle, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding gzip last-modified Thu, 04 Apr 2024 00:26:35 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000048-IAD, cache-bfi-kbfi7400045-BFI
GET H2	200	tag.aspx Show response ml314.com/	38 KB 39 KB	285ms 60ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?772024 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:00:28 GMT via 1.1 google age 600 x-guploader-uploadid AHxI1nMU5YUhbss615_Bmo_8pr5n-jeLYeJh3CLYEIr5jOwZtFg4kW9Mn2H0fYA6WnDBDUX83ipJLOTawQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39162 last-modified Wed, 24 Jul 2024 19:30:50 GMT server UploadServer etag "632616ff15825f030aab3391a58ef042" x-goog-generation 1721849450340665 x-goog-hash crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg== content-type application/javascript cache-id LAX-278c7c cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 39162 accept-ranges bytes
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 5DC3	0 0	188ms 188ms	Fetch image/gif	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEnro3rWcP-MjJMZ9Cfb_JvdTgEI32kK1j3FD7mALRiN4cxmjUJD9ic1E4D-Bs0PAMZw2l-e4yn-LWVfRU60YQGVtWr8yCX5XIgnxxqIThuwASTreFO0C8L8d-hib2XfAINRwLqM6-iJuR4a7L92LG6Vnm9aUewAHxftty4dSdPO3xENNRxmEtqjkR7H_qBM6r1g94GevRLRziRWBCtYUFqlhC7Smmn2f04rg-yFM1kOwOh2Yot5IVzZAZ20x9AhIOSEpxai3qXaYazV0Js46OLa_KQ6F-NEcMtxtUa7FyYZGS41_6F6B4XX7n3Ltj3tehqrtXTxNFHxEFQ-lo-Ny8PCAfLUayoJVDiBUjAc3nN-ZPFTYBo24_zyT_CWu7hKB4Wt8eoTAC2Wp81YqvOfK2iFJP20k&sai=AMfl-YRNWCwPkQkh1dTOFtvYLMRZAF0tUluozDdlHgF-9lRgNjOUbumAdA-cAFDMt8lP2PRWfUoAa7fZLE7zOZwRFIQTfjGxr92BOR4vlMuDWqD6eI3x2qovoOHxFp-IelLBpW38wV3R3HHu5tcmokzwEQQO&sig=Cg0ArKJSzB9IdeBr408TEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:28 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/ Frame 5DC3	3 KB 1 KB	707ms 372ms	Script text/javascript	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 21:41:14 GMT content-encoding br x-content-type-options nosniff age 16154 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 21 Aug 2024 21:41:14 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5DC3	203 KB 63 KB	392ms 139ms	Script text/javascript	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash 3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:12:07 GMT content-encoding br x-content-type-options nosniff age 3501 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64474 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 08 Aug 2024 02:12:07 GMT
GET H2	200	4497677992054808678 tpc.googlesyndication.com/simgad/ Frame 5DC3	68 KB 69 KB	702ms 372ms	Image image/png	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4497677992054808678 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d4c1b1d2a75c10cd9fa2a59a3b41e0fa7fee1b0457de406a0e555f95e396d46d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers expires Fri, 08 Aug 2025 02:10:28 GMT date Thu, 08 Aug 2024 02:10:28 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70131 x-xss-protection 0 last-modified Thu, 01 Aug 2024 14:10:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET DATA	200 OK	truncated / Frame 5DC3	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c049322b41d09aefbc27d67820a0da6830b40dbca49eab56b8ad4828bba4d722 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame F6E2	0 0	210ms 183ms	Fetch image/gif	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb0pOLmyvfOdY96iOwGKeTFG8a5OMBBHLLFOjNMaILiFZHmHRUkAA_aSeeYO3cLDHMISjE1j2YQ-UeVn_FSrd6f5NgmSjMZsrmG8L5NOyeTwNnVBZG9mV1FfP7G2ubbPSY4LsYARAa2siH35DuF3nm1bsMAEFPjwUgD_hP-U1u61SaYtO0M2WdtXSLAaqnEfM7V3GkHs9HWAu2xfIeL407RSm3kvB76NwAX9XmfvQ4oQoWNkUgU4K-oeHj895XGHD2MmoQqcx_G49KffLjW5K67I_8_devp-e6oFtpAL7QA7HPjR3dxx-z361jox_OwtnVEscqJoMWKfsD-QzadyIPfB85Mk6m0U9qN6tSew03-dgLJSvt_BlLCVhx3Mi6A9JbGYy3r_3yfFyJEfChuiXUTOOEytE&sai=AMfl-YSCUolcSk2gCQ1F4IQe0QAUzRNW9s6IUgdAGcvz9PNWVSo_jQoJ57eXEDk1HPOEcEQr2hJuz-53nQ8mqNIKQ8WdKIkvbNndNw57kSGlRzODF-HakS0YJrhA9csseZavbatP0By_XpHHqPqKKzpCTSVf&sig=Cg0ArKJSzERHZGt6GKNbEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:28 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/ Frame F6E2	3 KB 0	590ms 590ms	Script text/javascript	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 21:41:14 GMT content-encoding br x-content-type-options nosniff age 16154 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 21 Aug 2024 21:41:14 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F6E2	203 KB 0	282ms 282ms	Script text/javascript	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash 3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:12:07 GMT content-encoding br x-content-type-options nosniff age 3501 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64474 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 08 Aug 2024 02:12:07 GMT
GET H2	200	5198765717627727259 tpc.googlesyndication.com/simgad/ Frame F6E2	29 KB 29 KB	508ms 292ms	Image image/png	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5198765717627727259 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f98e6dbdc3fa918be20be498cd86f26db641b2d113e20d3a378f8ae650e6d60c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Tue, 06 Aug 2024 06:42:43 GMT x-content-type-options nosniff age 156465 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29713 x-xss-protection 0 last-modified Fri, 19 Jul 2024 07:49:05 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 06 Aug 2025 06:42:43 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 7E0C	0 0	215ms 209ms	Fetch image/gif	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstF1syMmmc4N7jiZt9gSg50l4x_aqir-d6wPJ8Ntkx4gqQwYBlEV9mn5Ht-FExI1c22DuZ6xswMWI8IcdcvaEqL95Q64-lySo2t25qAJgfM0JOd2bJU9_2H6o5lgHlbJ79_Sp7UnHPpl3RfRGSI-KnHjkDeNOTDdSdPaDiqe5Dh-MKuEk-iIUcOitk9AmiSl909D3yuv37z5aFkLPWEPUlrvy5GluG3rxGV1YyZVvo6QViQd1v9exb299XqIc-Bu6wX8SppMVhUX7jNk8TNQailnnvh4XMDQNRrxhqSs1-0LWowXJIyrzildi7RZKMeIqcqbib7t0cGD0IunbheGo0fFWZAjAjOsbWKT8z7bysYz7xJdWEziizGBdcjuKg-CF4i3Jhv__r95ELhooFo23u7JAn-_sA&sai=AMfl-YRaChEH7us67HTwqabaXvLxmfC07oOhg5il0cATKAErv1pDkbvvLOBjSLe8SEttr9SEA6iVEjYMqEhc-YS4yJ8uw-0l5g9xhVlMXNR72bhFcITtoDZ5s9alfSWeDpWsTeV6CyF6sUTMj2AkAfbRD8za&sig=Cg0ArKJSzMyLvI3JFClrEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:28 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/ Frame 7E0C	3 KB 0	529ms 529ms	Script text/javascript	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 21:41:14 GMT content-encoding br x-content-type-options nosniff age 16154 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 21 Aug 2024 21:41:14 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7E0C	203 KB 0	221ms 221ms	Script text/javascript	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash 3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 01:12:07 GMT content-encoding br x-content-type-options nosniff age 3501 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64474 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 08 Aug 2024 02:12:07 GMT
GET H2	200	6628113222968632256 tpc.googlesyndication.com/simgad/ Frame 7E0C	37 KB 38 KB	267ms 124ms	Image image/png	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6628113222968632256 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js?cb=31085955 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 009948db66adcd916bca64f440ea710207ddc9f152b032b76a8c180940daf34f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Thu, 08 Aug 2024 00:26:31 GMT x-content-type-options nosniff age 6237 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38285 x-xss-protection 0 last-modified Fri, 19 Jul 2024 07:24:15 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 08 Aug 2025 00:26:31 GMT
GET DATA	200 OK	truncated / Frame F6E2	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cf1485504f20ea0603dd4cba4fb44881ab38361c3551687c922e95da23d58490 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 7E0C	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e612fc6bbb39d8190d44c04582bdd45eb3bde27cc945f4a28287f794200eabcc Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	js Show response www.googletagmanager.com/gtag/	268 KB 92 KB	152ms 150ms	Script application/javascript	172.217.222.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-875375440 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.222.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS qi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 3a017a59e872d63b5fc41c83e8b989438647d3a436a245c5e8970db903917d9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 93940 x-xss-protection 0 last-modified Thu, 08 Aug 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Aug 2024 02:10:28 GMT
GET H2	200	otCenterRounded.json Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	9 KB 3 KB	98ms 86ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCenterRounded.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 mPFWl2a3UR06DZ1cx/YBSQ== age 27279 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2612 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:38 GMT server cloudflare etag 0x8DCA5E42003D45E vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 2c3e2b46-a01e-0023-7317-d8fc41000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf861ac0e2aa9-LAX
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	62 KB 15 KB	101ms 90ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otPcCenter.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efc69d4464af1d588f4acd82f8826658ae319ba867637e2a16e5b7855ebe702f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:28 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 6ih9XJsNsdvzTBaxTC+2Fw== age 37036 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14987 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:38 GMT server cloudflare etag 0x8DCA5E41FECBCD3 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id be885ef5-d01e-00eb-4017-d86d76000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf861bc132aa9-LAX
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	24 KB 4 KB	97ms 87ms	Fetch text/css	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:28 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 9eusssrwoAzVOVsIadvhfQ== age 1986 x-ms-lease-status unlocked last-modified Tue, 16 Jul 2024 22:10:51 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id b673c812-901e-002b-0717-d8e732000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8afbf861bc152aa9-LAX
GET H2	200	utsync.ashx Show response ml314.com/	571 B 1 KB	143ms 141ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81370&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&pv=1723083028768_8rkx2r0no&bl=en-us&cb=7593182&return=&ht=&d=&dc=&si=1723083028768_8rkx2r0no&cid=&s=1600x1200&rp=&v=2.7.4.212 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash f4a2231c495c4cea73941930fb236ff2942a91697bb5d42ace695dd936b7beef Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:28 GMT via 1.1 google server Google Frontend content-type application/javascript p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H/1.1	200 OK	ud.ashx Show response in.ml314.com/	20 B 482 B	790ms 181ms	Script application/javascript	54.156.191.144 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.ml314.com/ud.ashx?topiclimit=&cb=772024&v=2.7.4.212 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.156.191.144 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-156-191-144.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 08 Aug 2024 02:10:28 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public Connection keep-alive Content-Length 138 Expires Fri, 09 Aug 2024 02:10:29 GMT
POST H2	204	collect analytics.google.com/g/	0 0	515ms 132ms	Fetch text/plain	2607:f8b0:4004:c08::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-8VSXE5KKGM&gtm=45je4851v898772242z878347448za200zb78347448&_p=1723083027394&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1773326924.1723083028&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723083028&sct=1&seg=0&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&dt=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&en=page_view&_fv=1&_ss=1&tfd=3542 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 264 B	505ms 121ms	Ping text/plain	2607:f8b0:400d:c02::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VSXE5KKGM&cid=1773326924.1723083028&gtm=45je4851v898772242z878347448za200zb78347448&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c02::9a Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/875375440/	3 KB 2 KB	443ms 130ms	Script text/javascript	173.194.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/875375440/?random=1723083028966&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&rfmt=3&fmt=4 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS qr-in-f156.1e100.net Software cafe / Resource Hash 3c2a5d3c56080deefd991433ec5b9cf156ccc70eef1720c46c22095d45e3a483 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1642 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adsct t.co/i/	43 B 374 B	470ms 167ms	Image image/gif	72.21.81.130 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=1&eci=1&event_id=c23567ec-d0ec-432c-a4a5-3fdfd0744ce1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=16fa0664-1cc5-46c5-a92c-7f15a94181c4&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.30 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.21.81.130 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_p / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-response-time 6 date Thu, 08 Aug 2024 02:10:29 GMT strict-transport-security max-age=0 server tsa_p content-type image/gif;charset=utf-8 x-transaction-id fe6bc1a0f73fc328 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 4c165da0a9e5cafefe5aa9ecb94f4f5c9c419a95820d2e17e4871f870fb645c9 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 392 B	402ms 97ms	Image image/gif	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=c23567ec-d0ec-432c-a4a5-3fdfd0744ce1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=16fa0664-1cc5-46c5-a92c-7f15a94181c4&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.30 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_p / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-response-time 4 date Thu, 08 Aug 2024 02:10:28 GMT strict-transport-security max-age=631138519 server tsa_p content-type image/gif;charset=utf-8 x-transaction-id e6f532d8d20b979b cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 9071c981fe286bb663c5b94f037d1c696c10a29575d504ee2249b5603f170bd9 content-length 43
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 5DC3	0 0	177ms 177ms	Fetch image/gif	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8urjrMiaUlkWvNovinE8AzPDypFR6n_kHgnt5Dipb1fzbMmdn65Vz-ykNiMtOM_nf1Cg7x_ExN0vHUJz6q90sberNCpLUDapIdQEUT4p4AK3B5VT7DiyDFeWbUJqI8LnjxDKMcD7253y_9zksJhloH2isaftHc-TM6kW-lRORHP45AXw35aUN5maLfFNzQK9C3Sm__STZrNLbNUMxuQD7AAku4r_k60lC5DYIjPRNpBCW3Bc7OZeWGW1krtI5Pk4vbx5SYCntjlCVgEcroENAbZf2-a3SIiw5_DEjZwq5GNWorLmHhcRNR7CcWPhDztGLQ82dJ31H-m0AoJ6dtwU06cueHM0mnzCUenrFo9sdWl8sgDcBpLcyiO73uFI5QdiQW5SrqRarwY5t9TAxQ-Gp_SHGrlkHNQ&sai=AMfl-YQ8-75TvTvMBEVpOPRTqQ08VCyQr6l4dfDflHAEmNfRz0NjgJkXBhn2AaU1nIhxfBnulDmuP4G_dtxTD1oE7uJowh5odBdyBLy2ZBlpUGgDt9I8_grmkJD42g3kwUKrSXpBkx1EZtHvBqhAehJjJELv&sig=Cg0ArKJSzG0EJw4GEIKpEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:29 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame F6E2	0 0	189ms 188ms	Fetch image/gif	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQv9raby2IvV1ZMeZOSpnUnDBhFeUO_iPl5zHHw7lpJ-1yV3OeCol3XSinbIhhQkazCiLixFFLGX0oyaFnPxluGXbWLKf4vJ0heqQZN5xI3srDxJhrYj8_n83EMjuBpkUJLbRrOlm3tuYXPfGVhXRdBaMYbRpNlcAcklzV0hKJBkdUetxjn2RUoZdTc2iomop0TlRy-Y93cviXxldEcZkSbow9N8oCsNoM3e0xqNndgQBRYnbFSvgMkRGAxU33rQnJncnfK9e6LiIxSFI9Hknhua0fQYcZNO5UYAOVE5u6jApJMbEvrbNa_eg-ahePspJ9LYdFXnvW_ueyh_aSGSumkrON8LMwzm14_O4J0y93o86nGklELgc-vddq62SAQlIsNkA9z-ZlacuQFNRNVTtRWh6bYadBUg&sai=AMfl-YQ172vwfLQOrgLyJmYW5l4wrq4bgHXgjNSs1toOwMRX_ISy1leh7GBhVFzT9G7LuHuqQurQWKLPUV270n2gLv0VTmPC_79cgNCQLyXqfjCwgTTWQRXYa5rosWVmYNOUhzDKxqAQX2-0tkyoNkDVzYWF&sig=Cg0ArKJSzDdR1tdFX9k7EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:29 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 7E0C	0 0	197ms 195ms	Fetch image/gif	74.125.192.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-8ORGDGNYq87UzLZujmnxMMzfXTmQCY9j-_CVH5k4upXcAfzpVmg5Ek2wBPYJXXmhibqbE6TJSvUV-7S88VPGrhVYXAL62mJO5fvXgrH7RGX9Zj2H0n-UjvbKQ2NJvECp63CauvscOuKEgkUb7L_10Lwot7mGkvZ2k47WhABif8MOl5Osj0Z5zOW-xMV2_Obc7__xKKx802Bv5Vxq7UXviDU-nvtGCSB_S3vc2mB7h99VL8YFUvsZhYwMVXO-S-PN2ddWTlZRFJ7x-fy1CnFnZWz8Tfihu2j85HX2_AoBGCMnDoe7hvqKiCEqnDuSAPUgWDH6llnDxwm-RuozMn4Mi2gzPccRuUu4KvkM5Oxw9nkUW2eszCNF_Pi8qv2XZEwYKWZxtylL-MwkliU6KZFQb9-W-4hIuw&sai=AMfl-YRfKivCGe0IoZMTz0tUpQog84ArjtnUDqBPC63WKmjkZ4fl2AhRHl8QDMKlL-Tk6ndTTv2FxFKXKk4pabwVQuots8DEliQQN-8a6GxyphpyUI2kC9bI-c-Kv7QVkU8CkZLMaehCpnA0hrifZAzcZuof&sig=Cg0ArKJSzL55qWM3ajAHEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.192.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qn-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 08 Aug 2024 02:10:29 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5DC3	0 0	431ms 183ms	Fetch image/gif	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F6E2	0 0	611ms 183ms	Fetch image/gif	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7E0C	0 0	797ms 190ms	Fetch image/gif	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	580638648955413 Show response connect.facebook.net/signals/config/	73 KB 15 KB	125ms 121ms	Script application/x-javascript	2a03:2880:f003:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/580638648955413?v=2.9.164&r=stable&domain=www.infosecurity-magazine.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9a4ca4412ff5e8a3e05954e733fdcd96daf199bb726a1a769739380e0dc018bc Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 08 Aug 2024 02:10:29 GMT document-policy force-load-at-top x-fb-server-load 33 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 15007 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=65, mss=1297, tbw=64398, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug eF8wpOFKCUwv3w4+2ismCj69fH/ZbbDW01In61vLvvsD8H+zClbzRGE6KipX6sApFXPuRkCal+uCT73adSH4pw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/	3 KB 1 KB	454ms 164ms	Script text/javascript	209.85.201.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=1723083029274&cv=11&fst=1723083029274&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 209.85.201.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qu-in-f157.1e100.net Software cafe / Resource Hash eef6313175d55fd1a83134b9e41ece72eb06541c4ab5e219ff6990592b9cbb6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1430 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	csync.ashx ml314.com/ Redirect Chain https://idsync.rlcdn.com/395886.gif?partner_uid=3646136418869706809 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0NjEzNjQxODg2OTcwNjgwORAAGg0IldLQtQYSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=424c32de12bb21142885737e4fb8bf71703e3b03641a36ac57d37921028309bdf4cb09cee1a4f8eb&person_id=3646136418869706809&eid=50082	43 B 56 B	110ms 109ms	Image image/gif	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=424c32de12bb21142885737e4fb8bf71703e3b03641a36ac57d37921028309bdf4cb09cee1a4f8eb&person_id=3646136418869706809&eid=50082 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type image/gif date Thu, 08 Aug 2024 02:10:29 GMT via 1.1 google server Google Frontend alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 09 Aug 2024 02:10:29 GMT Redirect headers date Thu, 08 Aug 2024 02:10:29 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=424c32de12bb21142885737e4fb8bf71703e3b03641a36ac57d37921028309bdf4cb09cee1a4f8eb&person_id=3646136418869706809&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	utsync.ashx ml314.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 https://ml314.com/utsync.ashx?eid=53819&et=0&fp=28cd8600-a2b2-46f1-9587-61ddccf95b3b&gdpr=0&gdpr_consent=	43 B 60 B	115ms 114ms	Image image/gif	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/utsync.ashx?eid=53819&et=0&fp=28cd8600-a2b2-46f1-9587-61ddccf95b3b&gdpr=0&gdpr_consent= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT via 1.1 google server Google Frontend content-type image/gif p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0,Fri, 09 Aug 2024 02:10:29 GMT Redirect headers location https://ml314.com/utsync.ashx?eid=53819&et=0&fp=28cd8600-a2b2-46f1-9587-61ddccf95b3b&gdpr=0&gdpr_consent= date Thu, 08 Aug 2024 02:10:29 GMT server Kestrel content-length 241
GET H3	200	csync.ashx ml314.com/ Redirect Chain https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646136418869706809 https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3646136418869706809 https://ml314.com/csync.ashx?fp=f6485264daa9a4bfa507636584e8abe3&eid=50146&person_id=3646136418869706809	43 B 56 B	220ms 220ms	Image image/gif	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=f6485264daa9a4bfa507636584e8abe3&eid=50146&person_id=3646136418869706809 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-type image/gif date Thu, 08 Aug 2024 02:10:29 GMT via 1.1 google server Google Frontend alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 09 Aug 2024 02:10:29 GMT Redirect headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://ml314.com/csync.ashx?fp=f6485264daa9a4bfa507636584e8abe3&eid=50146&person_id=3646136418869706809 cache-control no-cache x-server 10.40.48.117 content-length 0 expires 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2o6uY3FWRXpvqe0JY3L98VchhbNAC3NFOHaL0BMDBonQ&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p... https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20	70 B 440 B	130ms 130ms	Image image/gif	50.16.174.192 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol HTTP/1.1 Server 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-174-192.compute-1.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Date Thu, 08 Aug 2024 02:10:30 GMT Content-Length 70 Content-Type image/gif Redirect headers pragma no-cache date Thu, 08 Aug 2024 02:10:30 GMT via 1.1 google server Google Frontend content-type image/gif location https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20 p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate x-cloud-trace-context cdea5959b077e9fb941fd3c9baff2ab2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires 0,Fri, 09 Aug 2024 02:10:30 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 518 B	325ms 179ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 08 Aug 2024 02:10:29 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: E53E622DCAFE4AC3B1C14DB64202E3E4 Ref B: LAX311000108033 Ref C: 2024-08-08T02:10:29Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://www.infosecurity-magazine.com x-li-source-fabric prod-lor1 x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYfIofk+L400jc1pWdgxQ==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 762 B	280ms 143ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept * Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:29 GMT content-encoding gzip x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: CFCC95064C424A06A2193B997DA925E7 Ref B: LAXEDGE1717 Ref C: 2024-08-08T02:10:29Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lva1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYfIoflS1qTjQQHbzK6dA== x-fs-uuid 00061f2287e54b5a938d04076f32ba74
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5460932%26time%3D1723083029360%26url%3Dhttps%253A%252F%252Fwww.infosecurity-magaz... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true&liSy... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true&liS...	0 486 B	565ms 185ms	Image application/javascript	2620:1ec:51::12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQInoTuf_dL1GwAAAZEvwH8jbwE5loVUbWllzD4hF1q_vZLmx6hcEmJBmfCeHEwWcOYrSA Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Server 2620:1ec:51::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:30 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 7CBFD8A558714DAB9A39B2646CBF90F2 Ref B: CO1EDGE2017 Ref C: 2024-08-08T02:10:30Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYfIof4qW7JMs9FpPcqgw== Redirect headers date Thu, 08 Aug 2024 02:10:30 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 1A586A89EFE04AE4B4E9B63148A85456 Ref B: LAX311000108033 Ref C: 2024-08-08T02:10:30Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1723083029360&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQInoTuf_dL1GwAAAZEvwH8jbwE5loVUbWllzD4hF1q_vZLmx6hcEmJBmfCeHEwWcOYrSA x-li-proto http/2 content-length 0 x-li-uuid AAYfIofwg3XDNjx0tiY14A==
GET H2	200	/ www.facebook.com/tr/	0 270 B	374ms 122ms	Image text/plain	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&rl=&if=false&ts=1723083029415&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1723083029408.3885473861280264&cs_est=true&ler=empty&cdl=API_unavailable&it=1723083029238&coo=false&rqm=GET Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2832, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 08 Aug 2024 02:10:29 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	457ms 212ms	Image image/png	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&rl=&if=false&ts=1723083029415&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1723083029408.3885473861280264&cs_est=true&ler=empty&cdl=API_unavailable&it=1723083029238&coo=false&rqm=FGET Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Thu, 08 Aug 2024 02:10:29 GMT document-policy force-load-at-top x-fb-server-load 45 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400585259850981611", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3146, tp=-1, tpl=-1, uplat=83, ullat=0 pragma no-cache x-fb-debug SH8QL0ke5dMGETFZ+G0YXyy7zKBmkGxcH9UJlbwBTI7PpknMtVyTq+KLxeEsck9UJRRnL8GVRfOBfzRVdDvf3w== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400585259850981611"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-conversion/875375440/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=645982266&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13... https://www.google.com/pagead/1p-conversion/875375440/?random=645982266&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13l3l3l3l1&dma=0&tag_ex...	42 B 64 B	756ms 149ms	Image image/gif	173.194.204.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-conversion/875375440/?random=645982266&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIztiIv6jkhwMV0QuICR3GkDO_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSKQDpaXnf7bDNqCGWdwfizc0jbjrNrvvG938qc0HAL9Ur9r3cE0L93qet&eitems=ChEI8LbMtQYQy5uQ8faRgrrzARIdAFQrdb6bdfLkm0KqB9fS5FZv0CeHvlIsR0Tgqfc&random=622350952 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Server 173.194.204.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:30 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 08 Aug 2024 02:10:29 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.google.com/pagead/1p-conversion/875375440/?random=645982266&cv=11&fst=1723083028966&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457z878347448za201zb78347448&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&fmt=3&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQJKJ3RyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2UsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIztiIv6jkhwMV0QuICR3GkDO_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggS&is_vtc=1&cid=CAQSKQDpaXnf7bDNqCGWdwfizc0jbjrNrvvG938qc0HAL9Ur9r3cE0L93qet&eitems=ChEI8LbMtQYQy5uQ8faRgrrzARIdAFQrdb6bdfLkm0KqB9fS5FZv0CeHvlIsR0Tgqfc&random=622350952 content-type image/gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/875375440/	42 B 64 B	714ms 137ms	Image image/gif	173.194.204.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/875375440/?random=1723083029274&cv=11&fst=1723082400000&bg=ffffff&guid=ON&async=1&gtm=45be4851v892578457za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fmicrosoft-365-phishing-alert%2F&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20365%20Phishing%20Alert%20Can%20Be%20Hidden%20with%20CSS%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=959799631.1723083028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfZWHnsaccKEjaILkizfYZYPohBSbc0bmgP1AbtTbUoGP3UyPG&random=501789678&rmt_tld=0&ipr=y Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.204.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:30 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F6E2	42 B 65 B	181ms 181ms	Fetch image/gif	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuu0sNBEejlTPkMYGYBHwWGKfHfnWgJCmEf0K5KWLRzWuVY7_R4k3aWWlHhx7qcYpgH_QpmrWGBTVo4mUPBbwJsbHHENZxEGiZYPMhfInWuGYlz5gJ_WxT6hte72X70agsM0pGAKuxjPVVmxmn1X97XA2mkdsLkqLE&sig=Cg0ArKJSzPkDLOKqGcy4EAE&id=lidar2&mcvt=1000&p=8,436,98,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3449391486&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1901582900&rst=1723083028419&rpt=736&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:30 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5DC3	42 B 65 B	228ms 228ms	Fetch image/gif	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoSrN4gFzYfKFnwvH7Mu_WIApav1cI7FJjGSUdxetvKnlNItDygYpxhYLle-1LCVS6mGn7Xmlx3nTBTlOJhzh_3gdx0amQHq0_FvbaSz1G_vgzyZKjsVaVNVEtz8hJBe9ljBzA1cpph1p9dhXeBYZ2cIzhMpEUufs&sig=Cg0ArKJSzIysIEdPbAHWEAE&id=lidar2&mcvt=1003&p=809,1046,1059,1346&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1886982906&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1901582900&rst=1723083028295&rpt=816&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:30 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7E0C	42 B 65 B	180ms 180ms	Fetch image/gif	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhWXuHW2IvwsfSoCvpV5dK84VJht4uPMEfpEEnCmYTWgD-mKbcnqO60he-oWAnTlGnvwPb0q-KON2PZkbup_LU__t47zWp4EXja8CCMNw10V1yDviwiHIuD4dpNDTNrKTzx8Ntx2htL19HB6k99QUWJDohdlWAErM&sig=Cg0ArKJSzPCv5cjptg5sEAE&id=lidar2&mcvt=1000&p=1102,436,1192,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=11265656&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1901582900&rst=1723083028485&rpt=709&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 08 Aug 2024 02:10:30 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	nr-spa-1216.min.js Show response js-agent.newrelic.com/	49 KB 19 KB	200ms 61ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1216.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id MElzWumrf8lREc3kORDlSWHVtEZAK4m8 content-encoding br via 1.1 varnish date Thu, 08 Aug 2024 02:10:31 GMT strict-transport-security max-age=300 x-amz-request-id 63E2Y5N6W38FST92 x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 19141 x-amz-id-2 xJARt67vjcAzR/DzI0vhCB3jQex5WbivUrLF1GlAnFAUNPsidrkxHitFWUzGLYwRx44QEtnhfhk= x-served-by cache-bur-kbur8200031-BUR last-modified Wed, 18 Oct 2023 21:31:16 GMT server AmazonS3 etag "63e2df852d15ab21d7ff8fc4363222e8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 40838
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	139ms 139ms	XHR application/json	173.194.66.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408060101&st=env Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.66.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qo-in-f157.1e100.net Software cafe / Resource Hash 8e2b2d9cf3691177ec50b42e9dcc81277d8fcc66a67f94d54252d3ddeaf5cc84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:31 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12834 x-xss-protection 0
GET H2	200	RX_Logo_-_primary_logo_for_everyday_use.png cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/	51 KB 51 KB	75ms 74ms	Image image/png	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/RX_Logo_-_primary_logo_for_everyday_use.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 279b6c8b97bfb37476d6d075d1431d85a380ca36ebe6af4146844cfb135c21d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 yxwPB4FKahj/CgrZY2+Gbg== age 78538 content-length 52319 x-ms-lease-status unlocked last-modified Mon, 02 Aug 2021 09:46:17 GMT server cloudflare etag 0x8D9559A5FD49D88 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 38ba0fab-d01e-0095-2472-79d136000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8afbf86fbfda0c9f-LAX
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	78ms 78ms	Image image/svg+xml	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 08 Aug 2024 02:10:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 85961 x-ms-lease-status unlocked last-modified Tue, 06 Aug 2024 16:01:01 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 91c38d99-e01e-00a7-0e33-e8aa69000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8afbf86fbfdd0c9f-LAX
GET H2	200	favicon.ico www.infosecurity-magazine.com/	15 KB 17 KB	146ms 145ms	Other image/x-icon	3.166.192.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.166.192.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-166-192-116.phl51.r.cloudfront.net Software RX / Resource Hash 298718a23e658b099c5c1f9aa683dd448e518e1f6c91c4832d4ccd8fba4a4cdf Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 07 Aug 2024 08:04:02 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff via 1.1 a05c988f1ff5eca0063434427c11a90a.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P2 age 65189 x-cache Hit from cloudfront content-length 15406 x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 03 Aug 2023 12:59:01 GMT server RX etag "c9436846ac6d91:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type image/x-icon feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() accept-ranges bytes access-control-allow-headers Content-Type x-amz-cf-id UHIvlp9gAgi4oSP3wPr2032BoKfhOSzLWoj8V5FgbRf7QeYUaNODNg==
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	126ms 125ms	Script text/javascript	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 08 Aug 2024 02:10:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 08 Aug 2024 02:10:31 GMT
GET H/1.1	200 OK	NRJS-70b3f9b2c6f17cc4471 Show response bam.eu01.nr-data.net/1/	79 B 731 B	907ms 279ms	Script text/javascript	185.221.85.3 NEW-2
General Check archive.org Show headers Download Go to Full URL https://bam.eu01.nr-data.net/1/NRJS-70b3f9b2c6f17cc4471?a=241052313&v=1216.487a282&to=MhBSZQoZXxEDUkdRWQtacWIoV0UHD0FfWUIABh9GHRpBAwVUHVlFFQ0%3D&rst=5783&ck=1&ref=https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/&ap=10&be=749&fe=5563&dc=2178&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1723083025379,%22n%22:0,%22f%22:0,%22dn%22:40,%22dne%22:40,%22c%22:40,%22s%22:168,%22ce%22:304,%22rq%22:304,%22rp%22:533,%22rpe%22:549,%22dl%22:548,%22di%22:2177,%22ds%22:2177,%22de%22:2178,%22dc%22:5562,%22l%22:5562,%22le%22:5589%7D,%22navigation%22:%7B%7D%7D&fp=2295&fcp=2295&jsonp=NREUM.setToken Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.85.3 , Ireland, ASN206998 (NEW-2, IE), Reverse DNS Software cloudflare / Resource Hash 0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 08 Aug 2024 02:10:31 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Transfer-Encoding chunked x-envoy-upstream-service-time 3 cross-origin-resource-policy cross-origin Connection keep-alive Server cloudflare Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * access-control-expose-headers Date access-control-allow-credentials true CF-Ray 8afbf8755e39218a-MAD timing-allow-origin *
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21DB	0 0	375ms 122ms	Document text/html	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 595568 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 01 Aug 2024 04:44:23 GMT expires Fri, 01 Aug 2025 04:44:23 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame E6EF	0 0	384ms 136ms	Document text/html	173.194.204.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/microsoft-365-phishing-alert/ Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.204.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS qb-in-f99.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-oR3mlPm_tPb_v0CZmrIFiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-oR3mlPm_tPb_v0CZmrIFiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 08 Aug 2024 02:10:31 GMT expires Thu, 08 Aug 2024 02:10:31 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408060101&jk=2787418353741155&bg=!MjGlMX7NAAZjy5caQ8s7ADQBe5WfONLUzOuW_qSDEoz3BTmEu1BtG49rSgemdauXzZoiGyDoQkPGWugX3aA0We27UcXNAgAAAGVSAAAAA2gBB34ANgSD8SMzYgWV4KrI4wt8HTJ5pFaOW8tt8rHt4xyVAPNElktG91qEwUMTCbbx_3FvZ-CyquXi1ZkCyGrOD08abUUPxK2VNXFmlL6-DahWOXQm86Mbdk7vIcSnML-kM3eEGX7I9JyhlhK2kV7yux8f1zP1nPJ92r7MgU17jFO1_1c71D3YQED3lKB-rhjAcz_2LW0gIupq4e4k0CDFk9jf0RF9pGlMG3FhRz6kfn--0uo8Di3lBV5dOM0j4NT6RXbp-ZfA1Twhm6HZZobfoyEmaZ-7EhvBsCt_wsdsLmIFifWYA4kiqnYz8VVHb8FsaeWcWyW3jo0YWWRDOBwwoqlKlveUNL5HCAtCgOvsIwOBFTnI1d0CKli2n8e10EFSUZrDc4DzxDvQ0OmRe35RlFvSt3WgoYYercf9Bdt9v5ayy2g_Z0lesJ-76YTh-Itqd-7_zuzNze4XITuDYw8t__L1XN8rTUZwX6bKx0ckEwuYAX3pBJcGc861SuMb9jcagz7dn4ORr67aSkF8J4yl2VkdbW6FTXJt8yarSYestaIUjh-NATtqZjVPMLNINnJg8HKl_PbvCxuBFdIjxQySp6nLWdWNT1A2Nr6G-6qZmO_YdlCxciD9S6aqJ08bUeHdWtkotchezxWmKgvUe8ZbeAfnotM-xHYIM82rbOSbmxL32ttuEenPwd-_LubExosa3fMCIGbyhRkWWKxrv7jlQVcanZldQRQwzXKYG2d1EVz9JnGuFyGH1JEDGJ5BXd3HtsYAFzSEP6c2GOJX9G0trDlGIp4CDLvAQ1b67hs8ktr8rwPPlHKTDpNqXCTDXleq9TTUpO0fycEEQHXBZjCOBTVhjsgc_puAwoojNFSAaYHpGR-4EgkJ1jWKU2AU1eCn_4ktyVnFdCZfLQkXlI2jq6CxemqSkIdsobBQlgeZQA3bcAcYMLGFjB6Rp5ydtaF_0NVPJYlp9qamhFan6zKz8fcLDseGFMjheyK5ypzUP3MI3Cy-KBDubkPlZXzSRYgunfghzx0