www.dailyrecord.co.uk Open in urlscan Pro
143.204.237.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Submission: On June 13 via api (June 13th 2020, 7:07:50 am UTC) from GB

Summary HTTP 305 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 80 IPs in 9 countries across 42 domains to perform 305 HTTP transactions. The main IP is 143.204.237.57, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.dailyrecord.co.uk.
TLS certificate: Issued by Amazon on May 12th 2020. Valid for: a year.

This is the only time www.dailyrecord.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	143.204.237.57 143.204.237.57	16509 (AMAZON-02) (AMAZON-02)
38	143.204.237.89 143.204.237.89	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	52.48.201.53 52.48.201.53	16509 (AMAZON-02) (AMAZON-02)
15	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	143.204.237.14 143.204.237.14	16509 (AMAZON-02) (AMAZON-02)
11	143.204.237.21 143.204.237.21	16509 (AMAZON-02) (AMAZON-02)
4	52.49.48.237 52.49.48.237	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
3	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	143.204.244.102 143.204.244.102	16509 (AMAZON-02) (AMAZON-02)
1	148.64.56.194 148.64.56.194	200981 (GRAPESHOT...) (GRAPESHOT-UK-1)
1	52.211.110.107 52.211.110.107	16509 (AMAZON-02) (AMAZON-02)
1	143.204.237.92 143.204.237.92	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:215d:600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:215d:7400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::2011	15169 (GOOGLE) (GOOGLE)
3	143.204.237.122 143.204.237.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:215d:9000:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02)
2 7	104.121.152.36 104.121.152.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
3	143.204.237.28 143.204.237.28	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:215... 2600:9000:215d:d600:14:75d3:e5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:215d:ae00:6:8c85:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.237.41 143.204.237.41	16509 (AMAZON-02) (AMAZON-02)
1	34.246.59.179 34.246.59.179	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:215d:e200:13:79eb:1780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5 10	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1 3	52.49.190.28 52.49.190.28	16509 (AMAZON-02) (AMAZON-02)
2	50.17.132.182 50.17.132.182	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:215... 2600:9000:215d:a000:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:215d:2c00:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:215d:2800:8:391c:bb40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
3	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	35.227.208.151 35.227.208.151	15169 (GOOGLE) (GOOGLE)
1 2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:215d:4a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.166.33.82 35.166.33.82	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:215d:2200:7:8699:e840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	63.33.80.49 63.33.80.49	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.246.232 35.244.246.232	15169 (GOOGLE) (GOOGLE)
1 2	52.95.124.170 52.95.124.170	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:215d:6800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
1	195.181.175.46 195.181.175.46	60068 (CDN77) (CDN77)
3	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	2600:9000:215... 2600:9000:215d:e200:1d:76ee:780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.237.60 143.204.237.60	16509 (AMAZON-02) (AMAZON-02)
2	37.252.161.190 37.252.161.190	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.212.41.149 52.212.41.149	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
9	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
7	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
7	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
7	52.58.195.54 52.58.195.54	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	2.16.107.66 2.16.107.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	99.83.181.31 99.83.181.31	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2.21.37.179 2.21.37.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:215... 2600:9000:215d:fa00:a:52eb:a100:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:c40... 2a02:26f0:c400:18d::36f1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.18.69.184 2.18.69.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.248.12 23.210.248.12	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
305	80

4 143.204.237.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-57.cph50.r.cloudfront.net

www.dailyrecord.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 143.204.237.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-89.cph50.r.cloudfront.net

s2-prod.dailyrecord.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.201.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-201-53.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.237.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-14.cph50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.237.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-21.cph50.r.cloudfront.net

i2-prod.dailyrecord.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.48.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-48-237.eu-west-1.compute.amazonaws.com

felix.data.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.244.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-244-102.cph50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.64.56.194 (United Kingdom)

ASN200981 (GRAPESHOT-UK-1, GB)
PTR: server194.hml.grapeshot.co.uk

trinitymirror.grapeshot.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.110.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-110-107.eu-west-1.compute.amazonaws.com

stmg-prod.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.237.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-92.cph50.r.cloudfront.net

s2-prod.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:215d:600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:7400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

survey.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.237.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-122.cph50.r.cloudfront.net

s3.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:9000:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02, US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.121.152.36 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-121-152-36.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.237.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-28.cph50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:d600:14:75d3:e5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

recommendations.data.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:ae00:6:8c85:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

mab.data.tm-awx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.237.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-41.cph50.r.cloudfront.net

i2-prod.mirror.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.59.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-59-179.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:e200:13:79eb:1780:93a1 (United States)

ASN16509 (AMAZON-02, US)

get-latest.convrse.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.190.28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-190-28.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.132.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-132-182.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:a000:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:2c00:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:2800:8:391c:bb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.91.160 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.208.151 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 151.208.227.35.bc.googleusercontent.com

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:4a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.33.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-33-82.us-west-2.compute.amazonaws.com

test-apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:2200:7:8699:e840:93a1 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.80.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.246.232 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 232.246.244.35.bc.googleusercontent.com

x.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.170 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:6800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.102.200 (Central, Hong Kong) 2 redirects

ASN54825 (PACKET, US)

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mydmp.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.46 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-44.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:e200:1d:76ee:780:93a1 (United States)

ASN16509 (AMAZON-02, US)

market-dev.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.237.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-60.cph50.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.161.190 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.41.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-41-149.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.243 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.58.195.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

fo-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.66 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-107-66.deploy.static.akamaitechnologies.com

fo-static.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.181.31 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

signal-metrics-collector-beta.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.37.179 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-179.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:fa00:a:52eb:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)

dfp-gateway.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:c400:18d::36f1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.69.184 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-184.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-12.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	dailyrecord.co.uk www.dailyrecord.co.uk s2-prod.dailyrecord.co.uk i2-prod.dailyrecord.co.uk	1 MB
47	googlesyndication.com 550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	572 KB
26	ampproject.org cdn.ampproject.org	541 KB
23	doubleclick.net 1 redirects securepubads.g.doubleclick.net survey.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	549 KB
15	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com signal-beacon.s-onetag.com beacon.s-onetag.com prebid.s-onetag.com onetag-geo-grouping.s-onetag.com market-dev.s-onetag.com signal-metrics-collector-beta.s-onetag.com dfp-gateway.s-onetag.com connect-metrics-collector.s-onetag.com	207 KB
14	google.com 5 redirects adservice.google.com www.google.com cse.google.com clients1.google.com	163 KB
10	skimresources.com 3 redirects s.skimresources.com t.skimresources.com p.skimresources.com r.skimresources.com x.skimresources.com	16 KB
9	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com	184 KB
9	adnxs.com prebid.adnxs.com secure.adnxs.com	6 KB
9	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org test-apis.quantcast.mgr.consensu.org vendorlist.consensu.org audit.quantcast.mgr.consensu.org	145 KB
7	teads.tv a.teads.tv s8t.teads.tv t.teads.tv sync.teads.tv	178 KB
7	sharethrough.com btlr.sharethrough.com	826 B
7	rubiconproject.com fastlane.rubiconproject.com	5 KB
7	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
7	mirror.co.uk stmg-prod.mirror.co.uk s2-prod.mirror.co.uk s3.mirror.co.uk i2-prod.mirror.co.uk	37 KB
7	tm-awx.com felix.data.tm-awx.com recommendations.data.tm-awx.com mab.data.tm-awx.com	18 KB
7	crwdcntrl.net 1 redirects ad.crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	22 KB
6	gstatic.com fonts.gstatic.com	65 KB
6	exelator.com 2 redirects cdn.exelator.com loadeu.exelator.com load77.exelator.com mydmp.exelator.com	13 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	googletagservices.com www.googletagservices.com	112 KB
4	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	2 KB
3	lijit.com ap.lijit.com	4 KB
2	criteo.com bidder.criteo.com	302 B
2	omnitagjs.com fo-api.omnitagjs.com fo-static.omnitagjs.com	80 KB
2	the-ozone-project.com elb.the-ozone-project.com	372 B
2	chartbeat.net ping.chartbeat.net	336 B
2	convrse.media get-latest.convrse.media	4 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com	8 KB
1	pubmatic.com hbopenbid.pubmatic.com	121 B
1	adsrvr.org match.adsrvr.org	548 B
1	criteo.net static.criteo.net	30 KB
1	aswpsdkus.com aswpsdkus.com	24 KB
1	google.de www.google.de	106 B
1	google.ch adservice.google.ch	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	grapeshot.co.uk trinitymirror.grapeshot.co.uk	604 B
1	indexww.com js-sec.indexww.com	44 KB
1	googletagmanager.com www.googletagmanager.com	70 KB
1	webcontentassessor.com scripts.webcontentassessor.com	40 KB
305	42

	Domain	Requested by
41	tpc.googlesyndication.com	scripts.webcontentassessor.com www.dailyrecord.co.uk cdn.ampproject.org
37	s2-prod.dailyrecord.co.uk	www.dailyrecord.co.uk scripts.webcontentassessor.com s2-prod.dailyrecord.co.uk
26	cdn.ampproject.org	scripts.webcontentassessor.com securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	www.dailyrecord.co.uk scripts.webcontentassessor.com securepubads.g.doubleclick.net
11	i2-prod.dailyrecord.co.uk	www.dailyrecord.co.uk
10	www.google.com	5 redirects scripts.webcontentassessor.com www.dailyrecord.co.uk
7	btlr.sharethrough.com	js-sec.indexww.com
7	fastlane.rubiconproject.com	js-sec.indexww.com
7	secure.adnxs.com	js-sec.indexww.com
7	sb.scorecardresearch.com	2 redirects www.dailyrecord.co.uk www.googletagmanager.com cdn.taboola.com
6	fonts.gstatic.com	www.dailyrecord.co.uk
6	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
5	fonts.googleapis.com	scripts.webcontentassessor.com
4	googleads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	scripts.webcontentassessor.com securepubads.g.doubleclick.net
4	quantcast.mgr.consensu.org	s2-prod.dailyrecord.co.uk quantcast.mgr.consensu.org
4	c.amazon-adsystem.com	www.dailyrecord.co.uk c.amazon-adsystem.com
4	felix.data.tm-awx.com	www.dailyrecord.co.uk felix.data.tm-awx.com
3	t.teads.tv
3	ap.lijit.com	prebid.s-onetag.com get.s-onetag.com
3	p.skimresources.com	www.dailyrecord.co.uk
3	tags.crwdcntrl.net	s2-prod.dailyrecord.co.uk scripts.webcontentassessor.com tags.crwdcntrl.net
3	s3.mirror.co.uk	www.googletagmanager.com s3.mirror.co.uk www.dailyrecord.co.uk
3	survey.g.doubleclick.net	scripts.webcontentassessor.com
3	www.dailyrecord.co.uk	www.dailyrecord.co.uk
2	bidder.criteo.com	static.criteo.net
2	dfp-gateway.s-onetag.com	get.s-onetag.com
2	a.teads.tv	www.dailyrecord.co.uk s8t.teads.tv
2	trc.taboola.com	cdn.taboola.com
2	550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com	scripts.webcontentassessor.com
2	as-sec.casalemedia.com	js-sec.indexww.com
2	htlb.casalemedia.com	js-sec.indexww.com
2	mydmp.exelator.com	cdn.exelator.com scripts.webcontentassessor.com
2	cse.google.com	www.googletagmanager.com www.google.com
2	elb.the-ozone-project.com	s2-prod.dailyrecord.co.uk
2	prebid.adnxs.com	s2-prod.dailyrecord.co.uk
2	market-dev.s-onetag.com	www.dailyrecord.co.uk
2	loadeu.exelator.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects scripts.webcontentassessor.com
2	x.skimresources.com	2 redirects
2	onetag-geo-grouping.s-onetag.com	signal-beacon.s-onetag.com beacon.s-onetag.com
2	static.quantcast.mgr.consensu.org	scripts.webcontentassessor.com quantcast.mgr.consensu.org
2	r.skimresources.com	1 redirects www.dailyrecord.co.uk
2	t.skimresources.com	www.dailyrecord.co.uk s.skimresources.com
2	prebid.s-onetag.com	get.s-onetag.com
2	onetag-geo.s-onetag.com	get.s-onetag.com beacon.s-onetag.com
2	ping.chartbeat.net	www.dailyrecord.co.uk
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	get-latest.convrse.media	www.dailyrecord.co.uk get-latest.convrse.media
2	i2-prod.mirror.co.uk	www.dailyrecord.co.uk
2	mab.data.tm-awx.com	s2-prod.dailyrecord.co.uk
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	sync.teads.tv	scripts.webcontentassessor.com
1	s8t.teads.tv	scripts.webcontentassessor.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	15.taboola.com	scripts.webcontentassessor.com
1	signal-metrics-collector-beta.s-onetag.com	beacon.s-onetag.com
1	fo-static.omnitagjs.com	fo-api.omnitagjs.com
1	fo-api.omnitagjs.com	www.dailyrecord.co.uk
1	hbopenbid.pubmatic.com	js-sec.indexww.com
1	clients1.google.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	load77.exelator.com	www.dailyrecord.co.uk
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	sync.crwdcntrl.net	1 redirects
1	match.adsrvr.org	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	test-apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	aswpsdkus.com	scripts.webcontentassessor.com
1	beacon.s-onetag.com	www.dailyrecord.co.uk
1	signal-beacon.s-onetag.com	scripts.webcontentassessor.com
1	www.google.de	www.dailyrecord.co.uk
1	stats.g.doubleclick.net	1 redirects
1	pixel.adsafeprotected.com	cdn.adsafeprotected.com
1	recommendations.data.tm-awx.com	s2-prod.dailyrecord.co.uk
1	s.skimresources.com	www.dailyrecord.co.uk
1	adservice.google.com	scripts.webcontentassessor.com
1	adservice.google.ch	scripts.webcontentassessor.com
1	cdn.exelator.com	scripts.webcontentassessor.com
1	get.s-onetag.com	www.googletagmanager.com
1	static.chartbeat.com	www.googletagmanager.com
1	s2-prod.mirror.co.uk	www.googletagmanager.com
1	stmg-prod.mirror.co.uk	www.dailyrecord.co.uk
1	trinitymirror.grapeshot.co.uk	scripts.webcontentassessor.com
1	js-sec.indexww.com	www.dailyrecord.co.uk
1	www.googletagmanager.com	www.dailyrecord.co.uk
1	cdn.adsafeprotected.com	www.dailyrecord.co.uk
1	ad.crwdcntrl.net	www.dailyrecord.co.uk
1	scripts.webcontentassessor.com	www.dailyrecord.co.uk
305	90

This site contains links to these domains. Also see Links.

Domain
www.inyourarea.co.uk
www.facebook.com
twitter.com
donate.thanksamillionnhs.co.uk
timewith.co.uk
marketplacelive.co.uk
funeral-notices.co.uk
www.fish4.co.uk
games.dailyrecord.co.uk
inyourarea.co.uk
communicatoremail.com
help.netflix.com
om.forgeofempires.com
popup.taboola.com
financeblvd.com
crowdhouse.ch
topgadgetadvisor.com
jobs.reachplc.com
www.bookanad.com
discountcode.mirror.co.uk
www.scotcareers.co.uk
mediascotland.newsprints.co.uk
www.footie5.com
play.thepools.com

Subject Issuer	Validity	Valid
mirror.co.uk Amazon	`2020-05-12` - `2021-06-12`	a year	crt.sh
k3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-08` - `2021-04-20`	10 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
*.data.tm-awx.com Amazon	`2020-06-08` - `2021-07-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.grapeshot.co.uk DigiCert SHA2 Secure Server CA	`2019-03-05` - `2021-03-04`	2 years	crt.sh
stmg-prod.mirror.co.uk Amazon	`2019-08-22` - `2020-09-22`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.s-onetag.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
cdn.exelator.com Amazon	`2020-02-10` - `2021-03-10`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh
*.google.ch GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2018-09-13` - `2020-10-07`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
*.convrse.media Amazon	`2019-12-17` - `2021-01-17`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
aswpsdkus.com DigiCert SHA2 Secure Server CA	`2020-02-03` - `2022-02-07`	2 years	crt.sh
*.quantcast.mgr.consensu.org Amazon	`2019-12-30` - `2021-01-30`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2019-09-18` - `2020-08-26`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
1605158521.rsc.cdn77.org Let's Encrypt Authority X3	`2020-06-09` - `2020-09-07`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2020-03-29` - `2022-03-29`	2 years	crt.sh
*.ozpr.net Amazon	`2019-08-02` - `2020-09-02`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2020-09-10`	3 months	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
omnitagjs.com Sectigo RSA Organization Validation Secure Server CA	`2019-03-26` - `2020-06-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-05-12` - `2020-08-10`	3 months	crt.sh
s8t.teads.tv DigiCert SHA2 Secure Server CA	`2019-10-17` - `2021-01-15`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Frame ID: 68F05F3202E28E3674B14C2410B6908D
Requests: 192 HTTP requests in this frame

Frame: https://prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/prebid.min.js
Frame ID: 45126A40BEBDEE3503BA03C0F8FD5514
Requests: 2 HTTP requests in this frame

Frame: https://prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/prebid.min.js
Frame ID: 34498DAF239A1AD51D6E354A1D65870C
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3226697858301244
Frame ID: 75303531747BE2D37AF2E1020DBFCC3A
Requests: 3 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v30/cmp-3pc-check.html
Frame ID: 95FEA14EDC2215689FE6774B0EF5DFB6
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/1/lt.iframe.html
Frame ID: A37B288074E6234D77EC2DBC3C99D812
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn&dcc=t
Frame ID: B6DC864A2CBD3B1D89CACC5C65332B24
Requests: 1 HTTP requests in this frame

Frame: https://market-dev.s-onetag.com/px.gif?ch=1&rn=5.288892497531276
Frame ID: F51BFE03160B39748B9EA40427E2CFA0
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401474
Frame ID: 534798496129B2DBFC1D258E49AAF64F
Requests: 1 HTTP requests in this frame

Frame: https://get-latest.convrse.media/?url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&cre=center&cip=19&npa=0
Frame ID: C365DCE138FB26B4127D4F4EB1A5F7AF
Requests: 1 HTTP requests in this frame

Frame: https://mydmp.exelator.com/load//net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3BfdXNlcl9pZD1lMDFiMzZlZTNhOGMzOGI4OGE4ZjMyMzE3YTk4YTViYiZwX2lkPTI4NTM5IiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9leHAubXhwdGludC5uZXQvc24uYXNoeCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9NzMwJmo9MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vcHhsLmNvbm5leGl0eS5uZXQvYy9jc2U%2FYT1SJkE9MjkyJkQ9NmIyYiZWPTkmSTBrPXB0bnJpZCZJMHY9ZTAxYjM2ZWUzYThjMzhiODhhOGYzMjMxN2E5OGE1YmImYj0xNTkyMDMyMDQyMTYyIiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9ndW0uY3JpdGVvLmNvbS9zeW5jP2M9MTQmcj0xJmE9MSZ1PWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDg5JTI2aiUzRDAlMjZCVUlEJTNEJTQwVVNFUklEJTQwIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=800ae686d2f441702ecdbffcada39447
Frame ID: B287BB2A054E896878F07E98F2F1B2AC
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&pubcid=3c4a42dc-14e6-4bc5-8545-76f33f6f3f1b&publisherId=OZONENREACH1&siteId=4204204202&cb=1592032039562
Frame ID: 0304846C040AABD6ED2BCF1C98BAC65F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 7F0076F1BDC1E7805B790EF6D0D9D02A
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPF0wjo-PIbPk4aDrIR3xZDSV0E88rrJgmM4XOGyndGg2i7j7-s6Kc0Ao_Gu8I5tI7zjbxm4ZSDioivkNF4G_7dADk1PT3rEKuJ9GncM74aX78XJWHqbxZmzo_vQc2dW5h49egQtm2HuntU1s0XZZIKRZRRHJCmvgd_nkpsMXw4s3CDd8pD9Gle7FJl67_75P38WSvxMPeobQ6ersDHDWlRfy4sHCiXdjSuL0-VDiHKpAyZ7eLurfgGg0vW-17Sl_kx2ivwG4WSR624D45FzFrj54zbpRy1bZGoK-REJB59g&sai=AMfl-YSIYk0AV-cjQGKIwRNtM4_BHYP90Sj9aOnsK6_1omU0DfFiYRqF0vAhJQQy5_AJapBGWKDU6rrzS_Z-USGSAVBC2v3jdAK-hzyIqi6yEg&sig=Cg0ArKJSzNfyDFk4i2SyEAE&urlfix=1&adurl=
Frame ID: 27AB4DFB79984CBB0703A329274C756E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscueTtgorlpPQJWI9KjeBMvr5zncaDeXVj_pGARCz59Ecs4J0CpdJpCOBDKQAFmj9oiQjoskeCl1MNMT4K4U-DSCFFZt9TVOsq7WCKdUQ9HZbaKCgGJZbO3aETrrz9Hb6eGf_0eFC71BKe-KkXvo8emZBa64QZ9diyfo-hf2w1y6UOSKlLKq-L_waodlbruVLJj_27NTs3whcXU1Rm_SdScDfKRT706oVEYsbmyo1XMH7tEf1h_1GCd606IXGzZW0NgaRFMX8UoTutBl6R9PEvTi3N5uy2_wCy77D7tw&sai=AMfl-YQcXP4Uc8QNS6JUJg-qLsAKSf6m4TPv6-jKcF-sdGQDDGzy7ne5EK7vjOCXZ9CNGwizNfXbpU1G9qSXV2CPhVATZ7AotnKYBGR6pVrVIw&sig=Cg0ArKJSzCiAgTLsOP9rEAE&urlfix=1&adurl=
Frame ID: A2CA55514ABECB9ACEAA755AA7ED31E8
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 685654135D21789250C6F4245BA93DC1
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 389AAC6CE37A27FE8D37A61335848B00
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: FECC8753FA0DD3B01AAE1F5F34BE02F2
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 24862D162051DC98692B8F910EA16342
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: ADCBCAAE907478C36ABF3FD1C9D803B9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 298387015EC3A2DE53B229CF1B9E739A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNzXgEXeTFQrHkhPKV5M4DvzcdvIxXh2yeDrNdbBgjfmY8jrlNoo7KVN8PPUp-dDAJOV2l-b1mON-otBlladjmStpdWLK1Wuh1sohHp-mobJGOzGnHDqk8KUbqLhUOgUPvSUxblbRwvODeIjHVqcLct5bUYVn3jmBzKrCafTSHgjIjRmDKXtTeprRjuhNufym6EWda3Xv9_p-C3msO1m7zdKJtUgjT1MQgNTe4-hy1jKBaPIJzmmMpZz8jAGeM8VHcAp3V43W4PwHF6AEA20GaN6VCJkRtuYrf&sai=AMfl-YRdky0ZV-Ml5CyDgVOYHc_YyY_frvbglaIG6SfAlB8szEBUov1yHd08ytEikmkWM_DUXrCAVDRlbQqx1SNmowmsdK28WGV1mQ28lV5E-g&sig=Cg0ArKJSzKnqOejnW20-EAE&adurl=
Frame ID: 4811B75E3DAD619BCB4A7A24D2239B7D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 0DE6AF687EDDDEABE3672AB9473ED183
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=60379&gdprIab={%22reason%22:230,%22status%22:23,%22consent%22:%22%22,%22apiVersion%22:1,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&vid=0acde73e-1dd4-4e01-9e34-2b5ebce38539&1592032050053
Frame ID: 1B679BF56F849C1A577F540980A8664D
Requests: 1 HTTP requests in this frame

Frame: https://550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 594FBB23AA27FB5C1CC71DE0C3737A21
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js
Frame ID: 4DBE0EA3777FCC80B087ADA0C12E5AAE
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

305
Requests

100 %
HTTPS

41 %
IPv6

42
Domains

90
Subdomains

80
IPs

9
Countries

4425 kB
Transfer

11454 kB
Size

38
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inyourarea.co.uk/?branding=dailyrecord&from_reach_primary_nav=dailyrecord
Title: In Your Area

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RecordLifeStyle

Search URL Search Domain Scan URL

URL: https://twitter.com/RecordLifestyle

Search URL Search Domain Scan URL

URL: https://donate.thanksamillionnhs.co.uk/

Search URL Search Domain Scan URL

URL: https://timewith.co.uk/blog?utm_source=daily_record&utm_medium=nav_bar
Title: Mental Health

Search URL Search Domain Scan URL

URL: https://marketplacelive.co.uk/national
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://funeral-notices.co.uk/Scotland
Title: Funeral Notices

Search URL Search Domain Scan URL

URL: https://www.fish4.co.uk/jobs/scotland/?utm_source=tm-dailyrecord&utm_medium=referral&utm_campaign=navlink
Title: Jobs

Search URL Search Domain Scan URL

URL: http://games.dailyrecord.co.uk/?arkpromo=site_topnav
Title: Crosswords

Search URL Search Domain Scan URL

URL: http://inyourarea.co.uk/

Search URL Search Domain Scan URL

URL: https://communicatoremail.com/IN/DCF/wYm70CutOFVRBalaN~K7eP/
Title: Show me

Search URL Search Domain Scan URL

URL: https://help.netflix.com/en/node/65674
Title: help page on the Netflix website

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=2896555033&pid=tmg-dailyrecord&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F359817fabfb29e63d0f58009165659c6.jpeg&tblci=GiCSlgZO6aFSDCEeAxVQc4U0FCc3nZBds5KSpGlg37rP3iDJqD8#tblciGiCSlgZO6aFSDCEeAxVQc4U0FCc3nZBds5KSpGlg37rP3iDJqD8
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tmg-dailyrecord&utm_medium=referral&utm_content=thumbnails-feed:Below%20Article%20Thumbnails%20Responsive%20Feed%20|%20Card%201:
Title: | Sponsored

Search URL Search Domain Scan URL

URL: https://financeblvd.com/life-style/diese-42-makellos-gealterten-stars-sind-immer-noch-guter-form-und-sehen-fantastisch-aus?utm_source=taboola&utm_medium=tmg-dailyrecord&utm_campaign=4661479&utm_term=Erinnerst+du+dich+an+Pauley%3F+Atme+tief+ein%2C+bevor+du+siehst%2C+wie+sie+jetzt+aussieht%21&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6d8c3761710bfeeee163b165eaf0338c.jpg
Title: Finance BLVD

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tmg-dailyrecord&utm_medium=referral&utm_content=thumbnails-feed-a:Below%20Article%20Thumbnails%20Responsive%20Feed%20|%20Card%202:
Title: | Sponsored

Search URL Search Domain Scan URL

URL: https://crowdhouse.ch/de/lp/ihr-zugang-zum-schweizer-markt-fuer-renditeimmobilien-f2-v3-2-m/??utm_source=tab_inv_min_Mai20_de/pulisher_tmg-dailyrecord&utm_medium=Display&utm_campaign=CampaignID_4602591_ItemID_2899564890_DE&tblci=GiCSlgZO6aFSDCEeAxVQc4U0FCc3nZBds5KSpGlg37rP3iCWvkM#tblciGiCSlgZO6aFSDCEeAxVQc4U0FCc3nZBds5KSpGlg37rP3iCWvkM
Title: Crowdhouse AG

Search URL Search Domain Scan URL

URL: https://topgadgetadvisor.com/tactical-watch-de-n?utm_source=taboola&utm_medium=referral#tblciGiCSlgZO6aFSDCEeAxVQc4U0FCc3nZBds5KSpGlg37rP3iDgpks
Title: Tactical Watch

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tmg-dailyrecord&utm_medium=referral&utm_content=thumbnails-e:Right%20Rail%20Thumbnails%20Responsive:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.inyourarea.co.uk/?branding=dailyrecord&from_reach_footer_nav=dailyrecord
Title: In Your Area

Search URL Search Domain Scan URL

URL: https://jobs.reachplc.com/jobs
Title: Work for us

Search URL Search Domain Scan URL

URL: http://www.bookanad.com/#choose_region
Title: Book an Ad

Search URL Search Domain Scan URL

URL: https://discountcode.mirror.co.uk/
Title: Discount Codes

Search URL Search Domain Scan URL

URL: http://www.scotcareers.co.uk/?utm_source=tm-dailyrecord&utm_medium=referral&utm_campaign=footerlink
Title: Jobs

Search URL Search Domain Scan URL

URL: http://mediascotland.newsprints.co.uk/
Title: Buy a Photo

Search URL Search Domain Scan URL

URL: http://www.footie5.com/?utm_medium=site-footer&utm_source=reach-record&utm_campaign=footie5-footer
Title: footie5

Search URL Search Domain Scan URL

URL: https://play.thepools.com/sportsbook/?utm_medium=site-footer&utm_source=reach-networkwide&utm_campaign=pools-footer
Title: Sports Betting & Casino

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=6035737&ns__t=1592032036969&ns_c=UTF-8&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&c7=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1592032036969&ns_c=UTF-8&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&c7=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&c9=&cs_ak_ss=1

Request Chain 71

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=150578195&t=pageview&_s=1&cd=dailyrecord%3Alifestyle%3Amoney%3Aarticle%3Anetflix-email-phishing-scam-targets%3A22179768&dl=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&ul=en-us&de=UTF-8&dt=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=false&_u=YIBAAEAB~&jid=1466795501&gjid=1067245760&cid=108802521.1592032037&tid=UA-110513849-17&_gid=545948324.1592032037&_r=1&gtm=2wg640M3TH25P&cg1=lifestyle&cg2=money&cd1=UHID%7C20%3A06%3A13%3A07%3A07%3A16%3A752_5ee96301-d234-475d-a0a9-925a71090e12&cd3=prod&cd4=desktop&cd5=chameleon&cd7=dailyrecord&cd8=nationals&cd9=dailyrecord&cd10=article%3Anews%3Areadmore%3Areadmore&cd12=22179768&cd13=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped&cd14=2020-06-12&cd15=Linda%20Howard&cd16=Netflix&cd23=desktop&cd27=web_dev_0.1&cd28=Netflix%7CPersonal%20finance&cd29=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&cd30=dailyrecord%3Alifestyle%3Amoney%3Aarticle%3Anetflix-email-phishing-scam-targets%3A22179768&cd32=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd33=08%3A05&cd34=unknown&cd35=2020-06-12&cd36=desktop&cd38=23&cd41=false&cd51=DL%20-%20Source%20Not%20Known&cd52=No%20Value%20In%20DL&cd61=news_story&cd62=0&cd68=GTM-M3TH25P&cd69=no&cd2=108802521.1592032037&z=806800205 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_gid=545948324.1592032037&gjid=1067245760&_v=j82&z=806800205 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_v=j82&z=806800205 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_v=j82&z=806800205&slf_rd=1&random=641274709

Request Chain 99

https://r.skimresources.com/api/ HTTP 307
https://r.skimresources.com/api/?xguid=01EAP822PG7NXTA64X1VRMWB6B&persistence=1&checksum=f147e06d5b49468d5e71b1d56d00daf63f4c51519d7becc02c14da44ab36f42d

Request Chain 110

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=5f65a65ff0a235f13124d3a9164aab67 HTTP 302
https://p.skimresources.com/?provider_id=5f65a65ff0a235f13124d3a9164aab67&skim_mapping=true

Request Chain 113

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn&dcc=t

Request Chain 116

https://x.skimresources.com/?provider=exelate HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 269

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 270

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 289

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1592032049960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=54274073&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1592032049960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=54274073&cs_ucfr=&cs_ak_ss=1

305 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request netflix-email-phishing-scam-targets-22179768 Show response
www.dailyrecord.co.uk/lifestyle/money/ 208 KB
42 KB 212ms
128ms Document
text/html 143.204.237.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-57.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: d399dd5d2d6718a32ecef9aad73d3a799d901c8781b03d516506de2cd3be30c5

Request headers

:method: GET
:authority: www.dailyrecord.co.uk
:scheme: https
:path: /lifestyle/money/netflix-email-phishing-scam-targets-22179768
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
content-encoding: gzip
date: Sat, 13 Jun 2020 07:07:16 GMT
expires: Sat, 13 Jun 2020 07:09:24 GMT
server: nginx
via: 1.1 varnish, 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-cache-hits: 2
x-cacheable: YES
x-processesi: yes
x-removedcookies: YES
x-served-by: nat-cache2a.tm-aws.com
x-varnish: 861459300 861413664
set-cookie: GS_GROUP=2; Path=/; Expires=Mon, 13 Jul 2020 07:07:16 GMT GS_REVENUE_LOC=2; Path=/; Expires=Mon, 13 Jul 2020 07:07:16 GMT GS_RESTRICT=0; Path=/
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: NSpJmEWTp_wT9FZ8omB8uH_M-bdQy9ayQoBQM3XXlxteZlIutwZTKg==

GET
H2 200 SignikaNegative-Bold.47b398e81c9f2e2e.woff2
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 12 KB
12 KB 148ms
42ms Font
binary/octet-stream 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/SignikaNegative-Bold.47b398e81c9f2e2e.woff2
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Origin: https://www.dailyrecord.co.uk

Response headers

date: Fri, 12 Jun 2020 13:10:52 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 09:27:26 GMT
server: AmazonS3
age: 65102
etag: "0878f337da5ac933819c3eaf691db0a5"
status: 200
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 12272
x-amz-cf-id: 0X7xkXxxvCQksmsevz9Xvwik00UeIcTW-WG1aBJYJvYWePSbjSuA7g==

GET
H2 200 opensans-bold-webfont.1b0229cc78352a07.woff2
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 17 KB
18 KB 169ms
64ms Font
binary/octet-stream 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/opensans-bold-webfont.1b0229cc78352a07.woff2
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49a07a1348273750d65f44c8fd6270fc7c4777e2bbb2ed30bf4df9a00f749250

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Origin: https://www.dailyrecord.co.uk

Response headers

date: Fri, 12 Jun 2020 12:22:24 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
last-modified: Wed, 20 May 2020 12:19:28 GMT
server: AmazonS3
age: 67709
etag: "2aeda138757cc9fa9eb7a520d11805a8"
status: 200
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 17660
x-amz-cf-id: 6XkwXkak4xHhsTo5zBeS8mfBWoBx3SVjXcRApRc76DTaFnfN5TTFGA==

GET
H2 200 opensans-regular-webfont.c17ed4f560d01e13.woff2
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 17 KB
18 KB 157ms
52ms Font
binary/octet-stream 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/opensans-regular-webfont.c17ed4f560d01e13.woff2
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18e27150bad800092a4a85606b401f494c5625c8fdfd46cb66190328fb8c32e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Origin: https://www.dailyrecord.co.uk

Response headers

date: Fri, 12 Jun 2020 10:19:16 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 09:27:26 GMT
server: AmazonS3
age: 75064
etag: "f42a62e230fec70735dbca1c971adbd2"
status: 200
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 17840
x-amz-cf-id: xkfxCRO2PAwIKS_fqZ7oJ7ztNfRIzdkhY7OrMNOLfqptywMvw_nsKA==

GET
H2 200 icomoon.401b68699723e317.woff2
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 7 KB
7 KB 174ms
69ms Font
binary/octet-stream 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/icomoon.401b68699723e317.woff2
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff7efbed2c557b5ba4df1dcfd303c7b8e276bfb27dc87a8241f227e25ac40fa9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Origin: https://www.dailyrecord.co.uk

Response headers

date: Sat, 13 Jun 2020 05:04:24 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 09:27:26 GMT
server: AmazonS3
age: 7753
etag: "d27ed9edd751d8ad6954dfc3eb95a9b3"
status: 200
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 7212
x-amz-cf-id: KlsrPK1OdUAvnaUyjsFD8xRWSIuzrsI_KtgW28AtocvRFOPJE-6JHA==

GET
H2 200 brand-extended.cd01e7b3d32f41d8.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/ 26 KB
5 KB 146ms
41ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/brand-extended.cd01e7b3d32f41d8.css
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa5e4b4b8bdb490c10b25b5e4fdd5762748fb3d9778bf19f6bfba04da4ba73dc

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 08:14:10 GMT
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 08:13:09 GMT
server: AmazonS3
age: 82386
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: Yeg8knkxnG7C-j__65SlMkZ-0DFK9szDNpu5AFiIOpA3HX1KRaT0ng==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 article-base.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/scss/ 43 KB
9 KB 150ms
47ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/scss/article-base.css?v=eb3c39e2c2cc39414a2c043dcf3b1779
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40d721ae9f1a9c9473bc126cdf38ca932b4d64519255ebad138a0383d10d6167

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 12:54:35 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 12:17:35 GMT
server: AmazonS3
age: 65880
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: Ot5BAl_nVJ9R32-3K6O6J0_TU-B0272D2UI47j81ZE1QPMEwahKKYQ==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 chameleon-static-html.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/scss/ 19 KB
4 KB 164ms
61ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=afe51ce00bcd0be2247d03b7e3e777a1
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce71514a18261fccf38899c4c0e7d0e6ef7e3d58fb95a33080daedf0aa121eb9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 16:13:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 11:14:43 GMT
server: AmazonS3
age: 53745
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: gqMQzaqQisXJpBy2LWo_1nF7KWs-Yj6D27rXGlfK3bKBjTZqGwNptA==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 marwood-extended.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/scss/ 17 KB
4 KB 156ms
53ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/scss/marwood-extended.css?v=01b8bcda6b280ca1708c975a5648b1d4
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df464f66f7711e3a3928628776f852d893cf51edbc3acb5b6cf44644e19f6ae5

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 10:54:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 10:50:06 GMT
server: AmazonS3
age: 72995
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: ghT-Uoj7JYPyF2rYasUikxhKGUiSjYkb6lyOnmcNgrfnBDD2OLMYAQ==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 core.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/scss/ 80 KB
14 KB 162ms
60ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/scss/core.css?v=3c221e2a29bafb7a293efdfd0e3c5c49
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbd1a8c569dd09a62ccb062291f531437a53ab50e4ae17dfa09ae31cddcfdde4

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 07:42:29 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 11:36:57 GMT
server: AmazonS3
age: 85755
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: BCJKD8Dcxlrq4rIgdgzDS6KzthBm0NxM89iCwiLuK_AifBfMHTCBSA==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281 Show response
scripts.webcontentassessor.com/scripts/ 153 KB
40 KB 59ms
18ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5916b5490f3356df0c6fcbaabee029b32aef2ea81c3d798dd665e4b00bf8e940

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:16 GMT
content-encoding: gzip
age: 3035
x-cache: HIT
status: 200
content-length: 40752
x-amz-id-2: r8kgVFaOMNiiZVivYfnUfhGlpMhcMeqtHYMWoolBrpDdBYlUu1HizC0PaS6fs6Ud6C9ZYZUyNuA=
x-served-by: cache-fra19139-FRA
last-modified: Sat, 13 Jun 2020 06:06:15 GMT
server: AmazonS3
x-timer: S1592032037.611306,VS0,VE0
etag: "558e193d9fbb28663201470896d4e94a"
vary: Accept-Encoding
x-amz-request-id: BBDA1F0234378DA1
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3

GET
H2 200 read-next.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/scss/ 7 KB
2 KB 140ms
48ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/scss/read-next.css?v=b790533e8e5a70ffa0c2c6c8d118c407
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9905f654e7d20756eb71bb3bce2178e57a0bced39fa8fef3eee5fd84165f842

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 17:14:02 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 11:36:57 GMT
server: AmazonS3
age: 50104
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: oRIpWut4A0WTgNIzgIn3Tv0eu134RMrhvv_srCJHvZBQ6ONCZcMuqw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 runForceReconsent.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/ 75 KB
23 KB 45ms
41ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=89093f028371ecdb0d5be635eaa06f56
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3405c44f4d522d4b713e969649a37c5462a777d9e681cae83d769acbf1f69ee5

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 14:03:18 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 15:47:31 GMT
server: AmazonS3
age: 61613
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: F1OnogA7fMX6TNugw4XmEGWTzDAoZd6kCjKwv7QxWs0JC3dxF9rliA==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 init.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/quantcast/ 926 B
1 KB 47ms
43ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/quantcast/init.js?v=a0fce112ae598618f2db61f0395db6e0
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22cc94ba3019b5f435adce7d3247c84e8c0eab9ca8459ef682a83358063fbe8e

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 00:57:33 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 13:38:38 GMT
server: AmazonS3
age: 22201
etag: "a0fce112ae598618f2db61f0395db6e0"
status: 200
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 926
x-amz-cf-id: Ww1yIp8bUinUc2X0L_l5yS5jR_dK5yZOQeq1YcawmYD1iWr-pxvkcg==

GET
H2 200 var=OzoneLotameData Show response
ad.crwdcntrl.net/5/c=13271/pe=y/ 79 B
288 B 133ms
42ms Script
application/javascript 52.48.201.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=13271/pe=y/var=OzoneLotameData
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.201.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-201-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2aca73ab1ff7b041296a0d46f5624cd0dc4d52ad84c281eb142e20d95d47752a

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:16 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.24.123
content-type: application/javascript;charset=UTF-8
content-length: 79
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
15 KB 72ms
28ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

ff50609c9bd236583a9ea74532ce62666d8752355baa19e3fa298344b97d9716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "541 / 427 of 1000 / last-modified: 1591996377"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14521
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:16 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
6 KB 193ms
46ms Script
application/javascript 143.204.237.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-14.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aea6a1cba8f14ad8d11b44f1ab102831768abefa9f33e8dbb496450df730537a

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Jun 2020 00:28:02 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 30 Mar 2020 14:33:25 GMT
Server: AmazonS3
Age: 110355
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 1eaba3be3fe032170d946b3b2ae3b2b9.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: Gl1h6ipSAJYmOgfbBBbXzgDzT0ePhWJzw-VTT3m61BuAoZIWd0lQrw==

GET
H2 200 prebid.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/ 199 KB
64 KB 50ms
46ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid.js?v=ca530940770001d4a547a7fd3680a322
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60dc8cc2e30cc529e06aab5920c0be3df93d31e867c59d6f1b7a175747442478

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 07:42:29 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 09:58:52 GMT
server: AmazonS3
age: 85181
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: nJ7Oo_gTPvDgfoqwRl_EeyFa8bpM-2uJrRvbClWJC8cUMJh8AYVNXQ==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 tags.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/ 141 KB
39 KB 71ms
67ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/tags.min.js?v=b9bb5eca0043af33c4395903ff3eacfd
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 520059d75ddbc4bc6f1cbd6fa915cd1ddc20787998096f52dfc241ab52442e38

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 12:28:31 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 15:47:31 GMT
server: AmazonS3
age: 67197
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 2clNmwvVnMfvCQtT2Kw4jN3FhEeD50EsbB-VogIUj0W8-GWpoYIPaA==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 4_11MAIN-Netflix.jpg
i2-prod.dailyrecord.co.uk/incoming/article22179773.ece/ALTERNATES/s810/ 48 KB
49 KB 197ms
75ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22179773.ece/ALTERNATES/s810/4_11MAIN-Netflix.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 6e824c99b2238120da03043a30d88523accdc1bfbfd02675dfd6fabd3da26f65

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 07:27:09 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 85207
x-cache: Hit from cloudfront
status: 200
content-length: 49510
x-served-by: nat-cache1a.tm-aws.com
last-modified: Fri, 12 Jun 2020 06:43:26 GMT
server: nginx
x-varnish: 1492631672 1492508460
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: OqEf5k6rZRDuKFIO9B3qRtXfFPS8RnE8x4vJU2PPvouROBPHZOoRSQ==
x-removedcookies: YES
x-cache-hits: 1

GET
H2 200 amp.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/amp/js/ 1 KB
1020 B 40ms
39ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/amp/js/amp.min.js?v=539f80ac9d21bb355b6120f432a89262
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbeaf69a839b61144f0e8dea7615ee9f58ff70c7831aeed720eee504ea2eb117

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 17:10:12 GMT
content-encoding: gzip
last-modified: Fri, 22 May 2020 08:45:30 GMT
server: AmazonS3
age: 52932
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: G2mfVI5uT6GBzpuS1MDW8RpSSixzo-gSC5WWIEjTKcOp8MwwQY1-hg==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 transparent.png
www.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/img/placeholders/ 1004 B
1 KB 44ms
41ms Image
image/png 143.204.237.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/img/placeholders/transparent.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-57.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25cfba872cacb548bfbdae8fa7844ca5cb594625908870b4e58d52d6b3ceb578

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 20:44:40 GMT
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
last-modified: Wed, 20 May 2020 11:15:35 GMT
server: AmazonS3
age: 38158
etag: "ceb94a0e18e452ff2d57f4b0bc854160"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=7776000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 1004
x-amz-cf-id: oGEkJ57TQXx_dFt4lnSpZdVks58RzR2QfB7Ont3yibgpZ3Gm7xZDHQ==

GET
H2 200 pug-runtime.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/pug-runtime/ 3 KB
2 KB 38ms
38ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/pug-runtime/pug-runtime.min.js?v=f9a8f9298a1eafea96091cdab6421797
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93c5809a50d386dad38d1f9eccdc910485c337a93ed931fae7d4da8ccaddd1bf

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 08:36:08 GMT
content-encoding: gzip
last-modified: Wed, 13 May 2020 14:15:21 GMT
server: AmazonS3
age: 81248
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: UQgXpQzic1OlRFlU20g81XZ7zyP5F3iRQ8AUFx16jTAUHEliq3ZKTg==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 article.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/js/ 213 KB
38 KB 78ms
75ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/js/article.min.js?v=ad17caf0892c675b9065dad0b0dc106f
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc29f8a36dca6e08d498e7f017e578a596e7a5f320a55a171075890f5f586bee

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 09:10:15 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 08:43:14 GMT
server: AmazonS3
age: 79460
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: HFEKYwnLBcDHfqy3Mc0Yb4OYHqeg2AdVOfVyHVrWR5JcjRLAto0Qgg==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 video.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/js/ 138 KB
41 KB 84ms
80ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/js/video.min.js?v=f9050d7d4045810705cf18c5b4279da5
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d26fead64e2e8f5e20c71220a13de853dbb338bf4858deca1f930832ca7c1d0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 10:53:52 GMT
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 10:53:40 GMT
server: AmazonS3
age: 72805
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: X-cFsUje8KZJkKedVBbKtaHmksmCge_lPXHPKgfA6IKPcGFPakYyZQ==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 article-service.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/js/ 140 KB
33 KB 90ms
87ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/js/article-service.min.js?v=e23042783113852685ce22aeac60f424
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db08613227deb40f1511d9ed15611099d13f063a3a522876293e0d4ce19c1704

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 11:29:03 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 11:17:19 GMT
server: AmazonS3
age: 70788
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 9JcfHt5u8W0wB6AsrKkKRJs0jFmsBBilCLfNv-1VpfhC4DVS3LajPw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 partner.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/ 163 KB
43 KB 94ms
91ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12b6257e0ee89bd931cc8f45f573ab9246e088b566cf92cdbf5c83e2d18e6792

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:44:49 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 16:07:28 GMT
server: AmazonS3
age: 62674
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: VDu2zGC6xTenIBivjFNaK7AByUeqoQUiOOAT2Odi39PY8pGQD9Vkbw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 chameleon-static-html.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/js/ 13 KB
5 KB 97ms
94ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/js/chameleon-static-html.min.js?v=aa3511b307ccfc2ab8cfbf20879b0889
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75f214d38e43d6ae693d22faee11dd261c81eab907a0556ed96b62a4d675082c

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 18:30:57 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 11:14:43 GMT
server: AmazonS3
age: 45442
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: nOODzbI3oA6ypZFIDXoBw_9fQh5s4KtcsOWqdYejWFjFiff3AnCLlw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 withnail.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/scriptsCore/js/ 176 KB
50 KB 99ms
96ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/scriptsCore/js/withnail.min.js?v=8689f49c34342850cdffeb83142574ce
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a6e23f5abe1c13ec092970fd2afcb591deffc77017c3807f9f32c02323a0edf

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 22:56:06 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 15:47:31 GMT
server: AmazonS3
age: 29496
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: y5ZPwn6IZuygcG3YULFBwIX42g8rpxtEbVKobpxbAkFAJkXULFvhbw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 render-recommendations.min.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/js/ 12 KB
5 KB 104ms
101ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/js/render-recommendations.min.js?v=b2979f0097644911d315c1d00a8f8d3c
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8650a0c2daaa3931b59aa8cf8796cec91ff8ae9516d62310e0ac8029303a12f7

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 11:14:24 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 11:08:07 GMT
server: AmazonS3
age: 71909
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: IajgVnZLvRkgt0bHTeaR8ztbIsf-vGeyNxLwn0P2XYNUpdLD_1-nPw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 felix.min.js Show response
felix.data.tm-awx.com/ 9 KB
3 KB 168ms
47ms Script
application/javascript 52.49.48.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/felix.min.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.48.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-48-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 393782e32b96118b0a5418afd1436db2daa9ede0b11ab1dcd5960770efac41ea

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 13 Jun 2020 07:07:16 GMT
cache-control: no-store
content-encoding: gzip
etag: W/"24d8-v8gjP3MtoV9K2u6M/1EKwt7Ou/I"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 345 KB
70 KB 18ms
15ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aee1ccc0e624d816da37526f0b2e076a8df9f67c01783f15f0cd559ec102d9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:16 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71917
x-xss-protection: 0
last-modified: Sat, 13 Jun 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jun 2020 07:07:16 GMT

GET
H/1.1 200
OK 186772-170849978518354.js Show response
js-sec.indexww.com/ht/p/ 159 KB
44 KB 830ms
770ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0718d0db2b4ff6e60fd63832ec2c63619998239ec3d3d4cfb13cda6c546ff17e

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Jun 2020 07:07:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Jun 2020 07:05:32 GMT
Server: Apache
ETag: "9011ee-27d7d-5a7f1d1d66643"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 44127
Expires: Sat, 13 Jun 2020 08:07:17 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 101 KB
26 KB 144ms
64ms Script
application/javascript 143.204.244.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.244.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-244-102.cph50.r.cloudfront.net
Software: Server /
Resource Hash: b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:00:28 GMT
content-encoding: gzip
server: Server
age: 407
etag: 06fa05e9082ab6150f8e415571b3ff6a
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZSIOfQp0ZxTuhjt92Z8KM8J1mp7ZjtY2xohdJJne5dG89vjvxVQaWw==
via: 1.1 b9ba4bda57a72c60657b278a2341fc54.cloudfront.net (CloudFront)

GET
H/1.1 200
OK channels.cgi Show response
trinitymirror.grapeshot.co.uk/national/ 456 B
604 B 150ms
31ms Script
application/javascript 148.64.56.194
GRAPESHOT-UK-1

General

Check archive.org

Show headers Download Go to

Full URL

https://trinitymirror.grapeshot.co.uk/national/channels.cgi?url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

148.64.56.194 , United Kingdom, ASN200981 (GRAPESHOT-UK-1, GB),

Reverse DNS

server194.hml.grapeshot.co.uk

Software

Resource Hash

ddfd54fa6430a6c1fa867953c7ba8ba90bc7bbe513eca5dcd9a787beb4490a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=157680000
Connection: Keep-Alive
Content-Length: 456
Content-Type: application/javascript

GET
H2 200 analytics.config.json Show response
stmg-prod.mirror.co.uk/ 44 B
541 B 166ms
43ms XHR
application/json 52.211.110.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stmg-prod.mirror.co.uk/analytics.config.json

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.110.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-110-107.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

8ab118887020a0ac973965df1edcd5cf61cba0e68c743ab195062f06b8f23d0b

Security Headers

Name	Value
X-Frame-Options	x-frame-options:SAMEORIGIN
X-Xss-Protection	X-XSS-Protection: 1; mode=block

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:16 GMT
referrer-policy
amp-access-control-allow-source-origin: https://www.dailyrecord.co.uk
x-xss-protection: X-XSS-Protection: 1; mode=block
status: 200
x-powered-by: Express
x-frame-options: x-frame-options:SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
content-length: 44
etag: W/"2c-kggtC1HqaQWLGbZQRDH0ZClqb14"

GET
H2 200 logo-dailyrecord.4c4d88d32bde1410.png
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/ 15 KB
16 KB 94ms
94ms Image
image/png 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/logo-dailyrecord.4c4d88d32bde1410.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27e9edbdc9e55d87ebb98e3597a41dc3c59cae0b51dfbc958acea55da31619fc

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/brand-extended.cd01e7b3d32f41d8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 12:59:20 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jun 2020 14:25:48 GMT
server: AmazonS3
age: 65427
etag: "0da87f89293e6a22f1a63c48229b4f30"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 15762
x-amz-cf-id: xbVpcNjMohlP8ghXA4BBnpiBiX1aL07XIjQ735IjvX4vqeg9egKbuw==

GET
H2 200 icon-dailyrecord.1460a0da2dc98703.svg
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/ 671 B
1 KB 93ms
93ms Image
image/svg+xml 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/icon-dailyrecord.1460a0da2dc98703.svg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a187f330d97d925da831e60a57fba514490f9d432fae70ed0a76a6be4bde5384

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/brand-extended.cd01e7b3d32f41d8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 07:42:30 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 09:26:52 GMT
server: AmazonS3
age: 85786
etag: "7217b0c6204672279b4d8bf0aba34546"
status: 200
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 671
x-amz-cf-id: QqpraTOvvnXKe937mLpUL9WGKTlSLZpsXzGoLTDAhmBRizHXBi87nQ==

GET
H2 200 link.d00a1f1c4f3f6a07.svg
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/sharing/img/ 637 B
1 KB 101ms
101ms Image
image/svg+xml 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/sharing/img/link.d00a1f1c4f3f6a07.svg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e49732f7a66d919109248f87b59c6241afcf0b111cbe3e2f78ea9f9a03af219f

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/scss/core.css?v=3c221e2a29bafb7a293efdfd0e3c5c49
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 12:03:37 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 11:36:57 GMT
server: AmazonS3
age: 68832
etag: "9e1beff206cfbd7a9fc9b9afcdfb02ea"
status: 200
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 637
x-amz-cf-id: gufFHZgrjL0GpuhdFJMJeH4wu5Z3Pc28IhiMavi3L6I560wx_DIsGg==

GET
H2 200 html-loader-logo.b199fd42ba286e00.svg
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/ 270 KB
98 KB 95ms
94ms Image
image/svg+xml 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/html-loader-logo.b199fd42ba286e00.svg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48e300004ce557bdf313b88d22a0dc3a7492a4933fc137b59de6c221f0d2285a

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/brand-extended.cd01e7b3d32f41d8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 08:14:29 GMT
content-encoding: gzip
last-modified: Fri, 12 Jun 2020 08:13:09 GMT
server: AmazonS3
age: 82369
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: DPunuUo0_ILlrRyI89sLFbiu1t7uWzcN_sXQgQUOt_zaLsSAQKMjgA==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 manifest.json Show response
www.dailyrecord.co.uk/lifestyle/ 2 KB
1 KB 57ms
57ms Fetch
application/json 143.204.237.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailyrecord.co.uk/lifestyle/manifest.json?v=41ddc216d16fb1e5
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-57.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: f8ac6488e7b74d5c1b535b9426af67ca89bdf6a0fabe942a5be592d0f2c8d057

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:09:31 GMT
via: 1.1 varnish, 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-cacheable: YES
age: 64665
x-cache: Hit from cloudfront
status: 200
x-cache-hits: 1725
content-encoding: gzip
x-served-by: nat-cache1a.tm-aws.com
last-modified: Thu, 28 May 2020 09:26:52 GMT
server: nginx
vary: Accept-Encoding
x-varnish: 1494952606 1378975291
access-control-allow-origin: *
cache-control: max-age=7776000, max-age=300
x-amz-cf-pop: CPH50-C1
content-type: application/json
x-amz-cf-id: VI3Y_h51bHzTGxRB2sk-WHiI-NI5lheQfEUWz0k5VAHCH3c3zktbwA==
x-removedcookies: YES
expires: Mon, 01 Jun 2020 09:10:33 GMT

GET
H2 200 logo-dailyrecord.png
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/ 15 KB
16 KB 70ms
69ms Image
image/png 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/img/logo-dailyrecord.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27e9edbdc9e55d87ebb98e3597a41dc3c59cae0b51dfbc958acea55da31619fc

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/brand-extended.cd01e7b3d32f41d8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 15:37:28 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 09:26:52 GMT
server: AmazonS3
age: 55789
etag: "0da87f89293e6a22f1a63c48229b4f30"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 15762
x-amz-cf-id: X2I54bzj4LdwhHi0toJchzIjpokCsQMsCKnYCEbs_2ovX0lgUojClw==

GET
H2 200 opensans-condbold-webfont.8d0957f7f12d53b7.woff2
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/ 18 KB
18 KB 40ms
40ms Font
binary/octet-stream 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/webfonts/woff2/opensans-condbold-webfont.8d0957f7f12d53b7.woff2
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61bc0ba6055f00b8c5ec4629426a4c74649a95e698fb247abdb4b7024733cb5d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/dailyrecord/scss/brand-extended.cd01e7b3d32f41d8.css
Origin: https://www.dailyrecord.co.uk

Response headers

date: Fri, 12 Jun 2020 12:03:37 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 09:27:26 GMT
server: AmazonS3
age: 68685
etag: "6a4231aa2492700edbd764a0659dbfd3"
status: 200
x-cache: Hit from cloudfront
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 18168
x-amz-cf-id: GrxAxPx-qXmF8NwqgTnzuMfP6I_DBwrkQv7TyJhC5eKvbt5yNfAzrA==

GET
H2 200 withnail.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/scss/ 12 KB
3 KB 41ms
38ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/scss/withnail.css?v=47e1f7ea99148799ed78d1589aa5b695
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acdc5156b79d6a7cbbfc4cbcf30503dc265140379991a910570267d34afa2a2e

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 15:33:43 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 13:38:38 GMT
server: AmazonS3
age: 56133
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: S_GlLC77KymwEYPJsdkT2ZyP1Mis7BHqacfLF5BvBGRVrF9ql1Fmaw==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 partners.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/ 77 KB
13 KB 41ms
38ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/scss/partners.css?v=c8be215350e056ad39c4dda80797d116
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b9efc7f39d120fb5d68a1963c4f04b730160daba6a9957b3501ce8385e1a236

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 16:31:35 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 16:07:32 GMT
server: AmazonS3
age: 52559
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 9mcEy30i6zSzQl0eSNNMbC4W7_78Qu7EITDHLI6BgMOoh3KeGefTkg==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 video.css
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/scss/ 41 KB
7 KB 41ms
39ms Stylesheet
text/css 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/scss/video.css?v=d387438042cf0c0a7e18f2ce0f482b07
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f24c6ab70eedf81ac07a3f6df1f903a18dd4896c50ac88caad6d859cee9d28b2

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 11:33:17 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 11:47:42 GMT
server: AmazonS3
age: 70531
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: MuQfzyMJ_MpqxGeGZsupG-ACcBOrrdgoNuhabzMVLfI83_9zX1_gfA==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 ipso.svg
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/ipso/img/ 4 KB
2 KB 39ms
38ms Image
image/svg+xml 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/ipso/img/ipso.svg
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=89093f028371ecdb0d5be635eaa06f56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67218cedf3fe2e9c5f13da640d16d5326b6b338665306e3282c77b27d9300f90

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=afe51ce00bcd0be2247d03b7e3e777a1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:10:52 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 11:14:43 GMT
server: AmazonS3
age: 64899
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: gC1NptlV2Lr2AT02jMeaKV6r1bP6x5igVLIkVPwtkeYxfMXr2EVmFQ==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 trust-project.svg
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/trust-project/img/ 6 KB
3 KB 39ms
38ms Image
image/svg+xml 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/trust-project/img/trust-project.svg
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/runForceReconsent.min.js?v=89093f028371ecdb0d5be635eaa06f56
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05e5aac9c7577a71687c7a2bd9fce9502a45aaf546cbaf9591bc05597ea1f321

Request headers

Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-static-html/scss/chameleon-static-html.css?v=afe51ce00bcd0be2247d03b7e3e777a1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 08:36:09 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 11:14:43 GMT
server: AmazonS3
age: 81260
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: UofcMAp3v061mWMdBc2hfAnQCKMK2ay-6L9D1zoJ2ZTICJjdu42gdg==
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)

GET
H2 200 index.min.js Show response
s2-prod.mirror.co.uk/@trinitymirrordigital/bad-ads-reporting-tool/js/BART/ 56 KB
18 KB 134ms
45ms Script
application/javascript 143.204.237.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.mirror.co.uk/@trinitymirrordigital/bad-ads-reporting-tool/js/BART/index.min.js?1584699047
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-92.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 471601c6f26cb310a486c68ba879020f04018ecad50b53ccbbe15f2b52c9386c

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 08:40:56 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 12:46:41 GMT
server: AmazonS3
age: 81755
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: DHZauxX5_-5thsULBHOsD4r85PHoM__IOWStdWmHfBVRFaxCj0BPfg==
via: 1.1 1624c79cd07e6098196697a6a7907e4b.cloudfront.net (CloudFront)

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/ 6 KB
3 KB 210ms
146ms Script
application/javascript 2600:9000:215d:600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/choice.js?timestamp=1592032036934
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/quantcast/init.js?v=a0fce112ae598618f2db61f0395db6e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b0d879dc2c82128fbe5e071e5034ca14f14afca1794c295f43ca3ac14b12a3a

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:18 GMT
content-encoding: gzip
last-modified: Mon, 16 Mar 2020 11:38:12 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C1
x-amz-server-side-encryption: AES256
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
status: 200
x-amz-cf-id: ky9-6b4Q471FDkmfKtxiFxZIB3kYRIdpxHDm5G-yMXmbjmErE01Qkw==
via: 1.1 c4cfd693df2d3c329a667c606d9185f1.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1658
date: Sat, 13 Jun 2020 06:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sat, 13 Jun 2020 08:39:38 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 99ms
35ms Script
application/x-javascript 2600:9000:215d:7400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:7400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:15:32 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 3104
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 2NzMTqpGCBooXn8Ybn4NepThImxQKcldkq2hmNpHghMJJBpeN5ZH6A==
via: 1.1 79222e94ad9d7455e475fd04f37068c5.cloudfront.net (CloudFront)
expires: Sat, 13 Jun 2020 08:15:32 GMT

GET
H2 200 survey Show response
survey.g.doubleclick.net/ 9 KB
4 KB 68ms
48ms Script
text/javascript 2a00:1450:4001:802::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/survey?site=_6hstsnqgjpwwoaqquxjufyunxa&url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&cid=Everything&random=1592032036971&after=1

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c67a61e1b0fba92866f365feba31d30f18c4611f0a014555a2f6fae6b8787fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, no-cache, must-revalidate, no-store
content-disposition: attachment; filename="f.txt"
vary: *
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 articleWidgetProd.js Show response
s3.mirror.co.uk/emerging-products/in-your-area/js/ 2 KB
1 KB 172ms
47ms Script
application/javascript 143.204.237.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.mirror.co.uk/emerging-products/in-your-area/js/articleWidgetProd.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-122.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74e84d8054b86afae6e96fad6fac10e942dd44b7088e1793d746a03df22dffbc

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:50:26 GMT
content-encoding: gzip
last-modified: Wed, 07 Nov 2018 18:01:55 GMT
server: AmazonS3
age: 1011
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600, public
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 8BQL3uWlQOLmfFR-fC4jtx2VM8a5M0I0eNve2yUgIXEkygXab9qe1g==
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)

GET
H2 200 tag.min.js Show response
get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/ 257 KB
67 KB 87ms
32ms Script
text/javascript 2600:9000:215d:9000:1f:287:d20a:ce1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:9000:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a98dd4ea2da59338b228ae8fed2db4c8ff81c9492a5f194dd03c07e2a2af0a9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: UmDgkg00JiCozE1Gf1MCVZJT40nzhOnd
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 17:09:44 GMT
server: AmazonS3
age: 50234
date: Fri, 12 Jun 2020 17:20:46 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: fJoShJuGqCKlYBlfWCXQQ8QAvybqPbpWMFaQ9thEG9_W4WR4c_pChg==
via: 1.1 36977a8510529cb59322504bc8295469.cloudfront.net (CloudFront)

GET
H2 200 static.min.js Show response
cdn.exelator.com/build/ 6 KB
3 KB 185ms
101ms Script
application/javascript 143.204.237.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exelator.com/build/static.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-57.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eab5593abd1540432ae819c9b55c7b6ae8c1102ac24ed8147edc35b5c289d46a

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: aodasdVcGAw6SwBu_N2pvc1X25TxKD7P
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 13:11:28 GMT
server: AmazonS3
age: 67577
status: 200
date: Fri, 12 Jun 2020 12:21:01 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a7ccb4d80699d116fa5cf39b77f68f2f.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-request-id: FB60E711381474D8
x-amz-cf-id: RjOYPQgoWKDGT8S3TNn95pyswCnp1wLw_hhnguzRQM8_PMRfzXZVKQ==
x-amz-id-2: O66BshVLWr5QC4WeNPayyi9HAmoVw9NEOpN0jgG79ohs5dMVnsl9BC7XPO+fXxa8Xkiob4xWx18=

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035737&ns__t=1592032036969&ns_c=UTF-8&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1592032036969&ns_c=UTF-8&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%...

0
528 B

26ms
26ms

Image
text/plain

104.121.152.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1592032036969&ns_c=UTF-8&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&c7=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&c9=&cs_ak_ss=1
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:17 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035737&ns__t=1592032036969&ns_c=UTF-8&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&c7=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:17 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.dailyrecord.co.uk

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dailyrecord.co.uk

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020060103.js Show response
securepubads.g.doubleclick.net/gpt/ 246 KB
88 KB 29ms
29ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 18:46:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90085
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:16 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/9458/ 41 KB
14 KB 125ms
44ms Script
text/javascript 143.204.237.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/9458/lt.min.js
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/tags/js/tags.min.js?v=b9bb5eca0043af33c4395903ff3eacfd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-28.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77e7dea035cee556dca30d07683ec868b48533f18a35351e8b2dbb946ecf888b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 10:05:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 09:47:29 GMT
server: AmazonS3
age: 75715
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: B-xGC79tOrTqHX3Es3Kqrqn6kkT8DlcYm_7EcAbq7auDXgBqbEskpQ==
via: 1.1 79222e94ad9d7455e475fd04f37068c5.cloudfront.net (CloudFront)

GET
H2 200 76202X1529444.skimlinks.js Show response
s.skimresources.com/js/ 37 KB
14 KB 94ms
31ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/76202X1529444.skimlinks.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 131a3dbdfbbda75a29a1634bcafe261debf986bb86e5cc366b96a2b0e795fa07

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
last-modified: Wed, 03 Jun 2020 12:12:20 GMT
server: AmazonS3
x-amz-request-id: 91DDF012BE4CC700
etag: "8c8eaf81fb5d71935d112a2e7c1d3ef2"
x-hw: 1592032037.cds028.pa1.hn,1592032037.cds041.pa1.c
content-type: application/octet-stream
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 14039
x-amz-id-2: IL2GEKRdUhAnvMLi13ohB6ZvjncNL0pEEmrLeShn8CH5WwHh+jE8tbCLZVYQiSHoVXCWEZR5EHg=

GET
H2 200 mostReadChannel Show response
recommendations.data.tm-awx.com/fallback/ 4 KB
5 KB 196ms
97ms Fetch
application/json 2600:9000:215d:d600:14:75d3:e5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recommendations.data.tm-awx.com/fallback/mostReadChannel?url=https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768&count=5
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/js/render-recommendations.min.js?v=b2979f0097644911d315c1d00a8f8d3c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:d600:14:75d3:e5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 8684e47b4acd7613e0eb5f753821b07b58c107d181ddaea696e7b5d5beceaa06

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 e5f9cea29f02f6a9a9b4da9c89f48d01.cloudfront.net (CloudFront)
etag: W/"1142-NbONFlErmf6h3seBGlFIjzMvz6M"
x-amz-cf-pop: CPH50-C1
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 4418
x-amz-cf-id: nFLkmwmflEA3R5t5dauKC0LZev6Wayklsxc-uMJBclztIpaxHwkIXw==

GET
H2 200 rhs Show response
mab.data.tm-awx.com/ 16 KB
5 KB 184ms
102ms XHR
application/json 2600:9000:215d:ae00:6:8c85:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.data.tm-awx.com/rhs?url=https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768&userId=null
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/marwood/TM/js/article.min.js?v=ad17caf0892c675b9065dad0b0dc106f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:ae00:6:8c85:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 69a1804eb96f89103306eeb1a2e6ed67c0d3ef8033cfb4ca60319632dff1fb55

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
x-amz-cf-pop: CPH50-C1
status: 200
etag: W/"40ee-Yz+pfBx13JebeJhX/DZJU7jikD4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: qBzYeQTy6zRUmPw49n_rzFHEs3Yi9Zcy4tPkAVPYgyNwd4tIcZQ1mA==
via: 1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)

GET
H2 200 0_strip-nhs-200427-mobile2x.png
i2-prod.mirror.co.uk/article21935230.ece/BINARY/ 4 KB
4 KB 122ms
42ms Image
image/png 143.204.237.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.mirror.co.uk/article21935230.ece/BINARY/0_strip-nhs-200427-mobile2x.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-41.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: c1de98814d884fb5c1517d830f19faaaccd02ce3b2e8b6d287003526de2d76ca

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 11:02:43 GMT
via: 1.1 varnish, 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-cacheable: YES
age: 72283
x-cache: Hit from cloudfront
status: 200
x-cache-hits: 2
content-length: 3904
x-served-by: nat-cache2a.tm-aws.com
last-modified: Mon, 27 Apr 2020 16:37:11 GMT
server: nginx
x-varnish: 1091923425 1091397437
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: i8M0WakdYcdDieOsgngjw76QBeM7r1IzcURYstlCs2Vd89mxn3aGKw==
x-removedcookies: YES
expires: Fri, 12 Jun 2020 21:18:57 GMT

GET
H2 200 0_strip-nhs-200427-desktop2x.png
i2-prod.mirror.co.uk/article21935229.ece/BINARY/ 8 KB
8 KB 119ms
39ms Image
image/png 143.204.237.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.mirror.co.uk/article21935229.ece/BINARY/0_strip-nhs-200427-desktop2x.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-41.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 1032eb4fde545a8a200a7142d9663ea921460cf38158380c63cf7882508bf548

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 10:33:09 GMT
via: 1.1 varnish, 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-cacheable: YES
age: 74050
x-cache: Hit from cloudfront
status: 200
x-cache-hits: 4
content-length: 7845
x-served-by: nat-cache1a.tm-aws.com
last-modified: Mon, 27 Apr 2020 16:37:13 GMT
server: nginx
x-varnish: 1727559891 1726296483
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: uosLjpFlzj7nPLYTm96DESzUzkyO1_22OsBZp8PKhlaSAiDOcDg53A==
x-removedcookies: YES
expires: Fri, 12 Jun 2020 23:58:43 GMT

GET
H2 200 ads.js Show response
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/ads/ 146 B
547 B 38ms
37ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/ads/ads.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb64d771cc384b57252f841b1a7da0ff67e00565636fba5bcb418fc3666f6436

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:51:07 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Thu, 21 May 2020 09:58:52 GMT
server: AmazonS3
age: 62362
etag: "e49424da434115d8db7814c9cef28621"
status: 200
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 146
x-amz-cf-id: L6bFpCUXz5nFkC5P056WxBbwI26E-dX3IBSO14q_d290ASFax82jJA==

POST
H2 204 pageview Show response
felix.data.tm-awx.com/ 0
57 B 43ms
42ms XHR
text/plain 52.49.48.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/pageview
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.48.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-48-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

status: 204
access-control-allow-origin: *
date: Sat, 13 Jun 2020 07:07:17 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 141ms
47ms XHR
application/javascript 143.204.244.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.244.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-244-102.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 15:57:08 GMT
content-encoding: gzip
vary: Origin
age: 54610
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Sat, 06 Jun 2020 15:26:41 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 7XcrpVjI2ckc75tHn4jqj1nR4Hd7fElqwbf0LarH0r8MClCPmXslUQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 1 KB
1 KB 140ms
56ms XHR
application/json 34.246.59.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=925430&slot=%7Bid:div-gpt-ad-ad-mix-slot,ss:%5B1.1%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-top-slot,ss:%5B970.250,970.251,728.90,728.91%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-sponsorship-bar,ss:%5B948.42%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-rh-slot,ss:%5B300.600,300.250,300.252%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-vip-slot,ss:%5B8.8%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-in-article-slot,ss:%5B300.250,300.254%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-bottom-slot,ss:%5B728.90,728.98,728.99%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-rh-secondary-slot,ss:%5B300.600,300.250,300.253%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-rh-tertiary-slot,ss:%5B300.600,300.250,300.255%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&slot=%7Bid:div-gpt-ad-rh-quaternary-slot,ss:%5B300.600,300.250,300.256%5D,p:/5293/dailyrecord.co.uk/lifestyle/money,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=2ff78757-95d0-4f96-f2cc-e24cbc356bd4&url=https%253A%252F%252Fwww.dailyrecord.co.uk%252Flifestyle%252Fmoney%252Fnetflix-email-phishing-scam-targets-22179768
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.59.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-59-179.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 295ffa3610447b63201f7f2221e8c7447fa3448669bbd54d91971b2db12c2999

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
x-server-name: app15.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 parent.js Show response
get-latest.convrse.media/ 10 KB
4 KB 118ms
30ms Script
application/javascript 2600:9000:215d:e200:13:79eb:1780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get-latest.convrse.media/parent.js
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:e200:13:79eb:1780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b9e577c830fff834a00a186c3eda63e717eecf8a2e21bc6350b1108e1893e2e

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 00:41:29 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 07:17:49 GMT
server: AmazonS3
age: 23148
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 2qZL_pckXH5VMROzXEOMcHOj4Zg5ZLVhaMq4J5qslPwUDtjxUqEQ8A==
via: 1.1 79222e94ad9d7455e475fd04f37068c5.cloudfront.net (CloudFront)

GET
H2 200 pwa-swipe Show response
mab.data.tm-awx.com/ 16 KB
5 KB 123ms
80ms Fetch
application/json 2600:9000:215d:ae00:6:8c85:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.data.tm-awx.com/pwa-swipe?url=https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/js/article-service.min.js?v=e23042783113852685ce22aeac60f424
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:ae00:6:8c85:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 00b552672d529da9cf1efdf260bd741f75071bcde6d704b1fb79ce33a00a67bb

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
x-amz-cf-pop: CPH50-C1
status: 200
etag: W/"41ed-obUdoxRXSGbpYu2pXabLmlMzmqI"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: R-m3mKt4Xx0LVrtCbDIFY_RwxSUsc2QokVn3LpDE3bMjaIqdu3qMSg==
via: 1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=150578195&t=pageview&_s=1&cd=dailyrecord%3Alifestyle%3Amoney%3Aarticle%3Anetflix-email-phishing-scam-targets%3A22179768&dl=https%3A%2F%2Fwww....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_gid=545948324.1592032037&gjid=1067245760&_v=j82&z=806800205
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_v=j82&z=806800205
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_v=j82&z=806800205&slf_rd=1&random=641274709

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_v=j82&z=806800205&slf_rd=1&random=641274709

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-110513849-17&cid=108802521.1592032037&jid=1466795501&_v=j82&z=806800205&slf_rd=1&random=641274709
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prompt_embed_static.js Show response
survey.g.doubleclick.net/insights/consumersurveys/static/427322965662971830/ 381 KB
381 KB 6ms
6ms Script
application/javascript 2a00:1450:4001:802::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.g.doubleclick.net/insights/consumersurveys/static/427322965662971830/prompt_embed_static.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 846173d3eac3f1354c1f9ba546df4e5210f842d5505cd8a3c6852a92ff645d16

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 20:44:47 GMT
server: Google Frontend
age: 37350
content-type: application/javascript
status: 200
x-cloud-trace-context: 8a3101be237c7bd46c9c599a56e50da6
cache-control: public, max-age=2592000
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 389745

GET
H2 200 prompt Show response
survey.g.doubleclick.net/gk/ 0
159 B 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/gk/prompt?site=_6hstsnqgjpwwoaqquxjufyunxa&t=1&url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&cid=Everything&after=1&random=1592032037313&ref=&token=NT

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-why: UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jun 2020 07:07:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/v30/ 225 KB
61 KB 55ms
55ms Script
text/javascript 2600:9000:215d:600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/v30/cmp.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/choice.js?timestamp=1592032036934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a6c91fc7525fa5e2d4186dcb795dfc9fd83b756e76fc64bd002de2c1fb47e9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 19:40:26 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-id: cx4DcgXKIuqGSdR-3-lp-XSXdqtJs2jPOp7NOVWljfEUOOmFS8z15A==
via: 1.1 c4cfd693df2d3c329a667c606d9185f1.cloudfront.net (CloudFront)

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 602 B
2 KB 169ms
87ms XHR
application/json 52.49.190.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/9458/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.190.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-190-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 70be97aca4d51cee33d2c99813afa0ca5391310d842a28cb24fdd6444e8606f9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:17 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: no-cache
x-server: 10.45.6.110
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 602
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 338ms
112ms Image
image/gif 50.17.132.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=dailyrecord.co.uk&p=%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&u=BTZSa_wFXkrBGcSNa&d=dailyrecord.co.uk&g=33715&g0=lifestyle%2Cmoney&g1=Linda%20Howard&n=1&f=00001&c=0&x=0&m=0&y=7896&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1024&t=HvzxbDB47YXC4n5bgZH9olTEL4D&V=120&i=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&tz=-120&sn=1&sv=DrKmWmDAd2oRDlFTJmBR-0l5CbqxE5&sd=1&im=067b0ff3&_
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-132-182.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 13 Jun 2020 07:07:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 articleWidgetProd.css
s3.mirror.co.uk/emerging-products/in-your-area/js/ 3 KB
1 KB 47ms
47ms Stylesheet
text/css 143.204.237.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.mirror.co.uk/emerging-products/in-your-area/js/articleWidgetProd.css
Requested by: Host: s3.mirror.co.uk
URL: https://s3.mirror.co.uk/emerging-products/in-your-area/js/articleWidgetProd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-122.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31d3265ea9adc1f960a508df98f45e26ff87e5aa62120611867c4d2989bbf36f

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:50:26 GMT
content-encoding: gzip
last-modified: Wed, 05 Dec 2018 16:07:22 GMT
server: AmazonS3
age: 1012
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=3600, public
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: TqkPLsav-yDpeeZ-6e0gxjEThTUhAV3MNr2olDJQlOcQX8I6wDdYsg==
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)

GET
H2 200 logo-InYourArea-dark.svg
s3.mirror.co.uk/emerging-products/in-your-area/ 12 KB
5 KB 48ms
47ms Image
image/svg+xml 143.204.237.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mirror.co.uk/emerging-products/in-your-area/logo-InYourArea-dark.svg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-122.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3779693716da4a4af3fdafacfc8436ad6379c5d52018745f2d8f3feec554de2

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:50:26 GMT
content-encoding: gzip
last-modified: Wed, 07 Nov 2018 18:01:56 GMT
server: AmazonS3
age: 1012
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=3600, public
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: MQPp3JbFJhy5pGs08gGWNvLINpLBreflwrHVD62x7KqpFsLjvFh0XA==
via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 23 B
438 B 94ms
40ms Fetch
application/json 2600:9000:215d:a000:5:ae3a:ba00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:a000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 14:03:18 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront), 1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
age: 61439
x-amzn-requestid: 8f1f0c03-6898-4f54-bbb3-90e49054359f
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1, CPH50-C1
x-amz-apigw-id: OBKuBEMnSK4Fdbw=
content-length: 23
x-amz-cf-id: T0BlS6ULlw1KS505vxpsHMl-lI55puXlW1kH34ZCKPuNtDdim3nbYA==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 26 KB
9 KB 152ms
45ms Script
application/javascript 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b1b0d5371227e80401ec8897cfe4fd1b06eba15ac9755c05344e5276c4db41c

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: XYRaj9RsHXliMkq8havIWlXEgfSp0EAT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 08:38:10 GMT
server: AmazonS3
age: 80944
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Fri, 12 Jun 2020 08:38:13 GMT
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: nYF1XlIxRVMp0gqbv0n0Vmgs_gHyvdKa0iFfNnjLD5Jn_iVgWSgoYQ==
via: 1.1 cfd12cc4ec21f43f7afaabc9c7275134.cloudfront.net (CloudFront)

GET
H2 200 reach-beacon.min.js Show response
beacon.s-onetag.com/ 26 KB
8 KB 80ms
26ms Script
application/javascript 2600:9000:215d:2c00:5:9a4c:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:2c00:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 528e385935c819a43a8408d26c6a559def4d21dafb24d2c6fe3de1b300f15ba1

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: W9_b7xavXswWJMyIwjyDnV4t1mJRQf03
content-encoding: gzip
last-modified: Wed, 13 May 2020 13:55:52 GMT
server: AmazonS3
age: 23565
date: Sat, 13 Jun 2020 00:34:32 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: EWIQKenCFjto7enYyU-eE1KZgjcsiuJwygBfyElbSHBTB9BUGPXEmw==
via: 1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)

GET
H2 200 prebid.min.js Show response
prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/ Frame 4512 186 KB
59 KB 87ms
32ms Script
text/javascript 2600:9000:215d:2800:8:391c:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/prebid.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:2800:8:391c:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e13e1529ccd916eb1fe71ef9133bc5411393668d93e244d640648964362b6c7a

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 17:07:42 GMT
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 17:07:29 GMT
server: AmazonS3
age: 50376
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: NJMGJcMkZvJjsmAs-ot_EbMJyxb7KIrOKCqWFrO_17EOJ76MiJQ2QQ==
via: 1.1 1624c79cd07e6098196697a6a7907e4b.cloudfront.net (CloudFront)

GET
H2 200 prebid.min.js Show response
prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/ Frame 3449 186 KB
59 KB 120ms
72ms Script
text/javascript 2600:9000:215d:2800:8:391c:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/prebid.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:2800:8:391c:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e13e1529ccd916eb1fe71ef9133bc5411393668d93e244d640648964362b6c7a

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 17:18:48 GMT
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 17:07:29 GMT
server: AmazonS3
age: 50377
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: YHT6VTho0laR6Zsfvz8QOBiCWX9h4bYhOJbkOvT1ueT-BANCVfRPuQ==
via: 1.1 1624c79cd07e6098196697a6a7907e4b.cloudfront.net (CloudFront)

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 123 B
512 B 234ms
234ms XHR
text/javascript 143.204.244.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3632&u=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&pid=ejsNlOWcg1WBE&cb=0&ws=1600x1200&v=7.50.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-top-slot%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-rh-slot%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-in-article-slot%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-bottom-slot%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-rh-secondary-slot%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-rh-tertiary-slot%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-rh-quaternary-slot%22%7D%5D&gdprl=%7B%22cmpTimeout%22%3A200%2C%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.244.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-244-102.cph50.r.cloudfront.net
Software: Server /
Resource Hash: 63bc04020edd0a6ba2712205585a8060b2a4acc76e7030c7637696a1639a6a4c

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: CPH50-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 129
via: 1.1 b9ba4bda57a72c60657b278a2341fc54.cloudfront.net (CloudFront)
x-amz-cf-id: 6qZbsFZomTrUmrHDVnqGrXl3QbChkEPOt6wMQdwzhh7rpE8pQNJduw==

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 7530 0
102 B 77ms
48ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3226697858301244
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 206
date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 54ms
26ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=9.31306591192092
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 43

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 55ms
26ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=9.31306591192092
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 43

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 114 KB
24 KB 13ms
13ms Script
application/javascript 35.227.208.151
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.208.151 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 151.208.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6643e620d05195621f624a26a3fa707d29ba32f660d93a5faa9316c81601e0d9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:05:04 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1588691027
age: 133
x-guploader-uploadid: AAANsUlQOrJKhI_T9__PMH46EKFu2pBGjtSKTE6TxpJF-ZxDAq6AsCtn1BWKrDEFfsk9LSIxI1WH0vuZP6t_EcB4ggesIueDQg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 24747
last-modified: Tue, 05 May 2020 15:03:49 GMT
server: UploadServer
etag: "cd7fd4b60de5c9f6afc0818f8102343c"
vary: Accept-Encoding
x-goog-hash: crc32c=Cyz1YA==, md5=zX/Utg3lyfavwIGPgQI0PA==
x-goog-generation: 1588691029288135
cache-control: public, max-age=300
x-goog-stored-content-length: 24747
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 13 Jun 2020 07:10:04 GMT

GET
H2 200 0_Screenshot-2020-06-11-at-194851.png
i2-prod.dailyrecord.co.uk/incoming/article22178258.ece/ALTERNATES/s458/ 231 KB
231 KB 44ms
43ms Image
image/png 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22178258.ece/ALTERNATES/s458/0_Screenshot-2020-06-11-at-194851.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 6dec0ed08c7bac90c1992dfb027cda08a26d05dfd999ccdbf9544015970473d5

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 23:27:54 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 41035
x-cache: Hit from cloudfront
status: 200
content-length: 236294
x-served-by: nat-cache2a.tm-aws.com
last-modified: Thu, 11 Jun 2020 18:57:03 GMT
server: nginx
x-varnish: 848253013 848065617
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: KgHGUPExpQSRVjL4xLwQjYYV4zRAsJeKaMLuO7uTsrAtuGQ4uCiqbg==
x-removedcookies: YES
x-cache-hits: 1

GET
H2 200 0_JS213340749.jpg
i2-prod.dailyrecord.co.uk/incoming/article22176420.ece/ALTERNATES/s458/ 25 KB
25 KB 109ms
108ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22176420.ece/ALTERNATES/s458/0_JS213340749.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 018446bdfd6745e64a05f7070ae7db701b18456af28615c1e1659229e5cf9641

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 15:08:09 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 57548
x-cache: Hit from cloudfront
status: 200
content-length: 25186
x-served-by: nat-cache2a.tm-aws.com
last-modified: Thu, 11 Jun 2020 14:15:05 GMT
server: nginx
x-varnish: 855629997 855316201
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fYLdhkGr9g6xSfNRL5LEHuZFtVO4g81jVySYyLzo8JfiAUyoP_F9ww==
x-removedcookies: YES
x-cache-hits: 4

GET
H2 200 2_Love-Hearts-personalised-giant-roll.jpg
i2-prod.dailyrecord.co.uk/incoming/article22175703.ece/ALTERNATES/s458/ 48 KB
48 KB 73ms
73ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22175703.ece/ALTERNATES/s458/2_Love-Hearts-personalised-giant-roll.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: c59469cb40c4f1cd045bd712d0ce1c81be9206daee2ba0446de08ed840b30fec

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:29:37 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 63460
x-cache: Hit from cloudfront
status: 200
content-length: 48760
x-served-by: nat-cache2a.tm-aws.com
last-modified: Thu, 11 Jun 2020 12:51:59 GMT
server: nginx
x-varnish: 854921771 854778672
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: cLA84DwtVgxQhQCrg199c1wCefrXI721WsKDpPiw5NpQpgdLFNcNVQ==
x-removedcookies: YES
x-cache-hits: 2

GET
H2 200 1_Wardrobe.jpg
i2-prod.dailyrecord.co.uk/incoming/article22161703.ece/ALTERNATES/s458/ 34 KB
35 KB 44ms
43ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22161703.ece/ALTERNATES/s458/1_Wardrobe.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 2f87bcfc6d8f137daa98657900b4f7b1747883c04aa972e41a0a1b8c698d21b5

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 10:32:00 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 74431
x-cache: Hit from cloudfront
status: 200
content-length: 34951
x-served-by: nat-cache2a.tm-aws.com
last-modified: Tue, 09 Jun 2020 09:52:07 GMT
server: nginx
x-varnish: 825200873 825199046
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: IKCbmqvVDtfAC58cXfnl_i1c0Vxk5-ilelZ1QEz5flIF-vizPFADTA==
x-removedcookies: YES
x-cache-hits: 1

GET
H2 200 0_Great-British-Coin-Hunt.jpg
i2-prod.dailyrecord.co.uk/incoming/article22154498.ece/ALTERNATES/s458/ 34 KB
35 KB 111ms
111ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22154498.ece/ALTERNATES/s458/0_Great-British-Coin-Hunt.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 50a8242d610c1de30061dc986f9631aa096449a677ec9012e51fbb60eaffe756

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:27:52 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 2365
x-cache: Hit from cloudfront
status: 200
content-length: 34885
x-served-by: nat-cache1a.tm-aws.com
last-modified: Mon, 08 Jun 2020 04:47:13 GMT
server: nginx
x-varnish: 1473117692 1472630518
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: d8p-YEU4Qhy04q9uCo3CDhYPNQ-I-s9DrceaasyEaDku9R24W5vSiA==
x-removedcookies: YES
x-cache-hits: 5

GET
H2 200 1_Martin-Lewis-explains-what-the-new-furlough-scheme-means-for-workers.jpg
i2-prod.dailyrecord.co.uk/incoming/article22179459.ece/alternates/s270b/ 10 KB
10 KB 108ms
106ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22179459.ece/alternates/s270b/1_Martin-Lewis-explains-what-the-new-furlough-scheme-means-for-workers.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 8550c09fa6c94bab41c3dbd09a184ac7036e54a945bf66b640950f01dcbf4bb2

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 04:36:36 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 9041
x-cache: Hit from cloudfront
status: 200
content-length: 9767
x-served-by: nat-cache2a.tm-aws.com
last-modified: Fri, 12 Jun 2020 01:32:44 GMT
server: nginx
x-varnish: 860674216 860060635
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: HBnHn-DLxnVIvcq0IrPVj6GKD7vJ8ZGxbROOhO2nyEh2f_SEiAxTJg==
x-removedcookies: YES
x-cache-hits: 7

GET
H2 200 1_JS210291032.jpg
i2-prod.dailyrecord.co.uk/incoming/article22182656.ece/alternates/s270b/ 12 KB
12 KB 92ms
91ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22182656.ece/alternates/s270b/1_JS210291032.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: fd0771e0df938e4168648725189569facd2c0f52bfb0bedf0587c041d420796b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 14:41:54 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 59123
x-cache: Hit from cloudfront
status: 200
content-length: 12249
x-served-by: nat-cache1a.tm-aws.com
last-modified: Fri, 12 Jun 2020 14:05:33 GMT
server: nginx
x-varnish: 1495614428 1495544054
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: -LQwPrj1M9kTFijiSQczMiZjOR3DL7e7JhRnY1jQ9u7XmflYLBINJA==
x-removedcookies: YES
x-cache-hits: 1

GET
H2 200 0_Getting-some-help-from-her-granddaughter-to-speed-things-along.jpg
i2-prod.dailyrecord.co.uk/incoming/article22164270.ece/alternates/s270b/ 10 KB
10 KB 91ms
89ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22164270.ece/alternates/s270b/0_Getting-some-help-from-her-granddaughter-to-speed-things-along.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: d03b9553250bd018534018d1b22c3424fd6196dafd34140bf51beaf49462cb2d

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 00:40:12 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 23978
x-cache: Hit from cloudfront
status: 200
content-length: 10037
x-served-by: nat-cache2a.tm-aws.com
last-modified: Tue, 09 Jun 2020 15:25:15 GMT
server: nginx
x-varnish: 830463780
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: m7S2kKBcv-L8haFbgbYasmnKyTQ8Cq18KD-hMKeMgYDzIze_2Fgffw==
x-removedcookies: YES

GET
H2 200 0_Screen-Shot-2020-06-11-at-164249.png
i2-prod.dailyrecord.co.uk/incoming/article22177180.ece/alternates/s270b/ 86 KB
87 KB 100ms
99ms Image
image/png 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22177180.ece/alternates/s270b/0_Screen-Shot-2020-06-11-at-164249.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: 366bd5f1da58b8383f819a05a617e0aff0bfb4afcbdb473c4042e7f53dc1a877

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 88471
x-served-by: nat-cache2a.tm-aws.com
last-modified: Thu, 11 Jun 2020 15:42:58 GMT
server: nginx
x-varnish: 851741832 851608381
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: X-Requested-With
x-amz-cf-id: p-mc5H_o_HzavJOICqVCej8oDOQtfX4pl3aGG_pQV74J8CfmwwOolA==
x-removedcookies: YES
x-cache-hits: 1

GET
H2 200 0_ALDI.jpg
i2-prod.dailyrecord.co.uk/incoming/article22180780.ece/alternates/s270b/ 12 KB
13 KB 107ms
106ms Image
image/jpeg 143.204.237.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2-prod.dailyrecord.co.uk/incoming/article22180780.ece/alternates/s270b/0_ALDI.jpg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-21.cph50.r.cloudfront.net
Software: nginx /
Resource Hash: da025929fd8c4807489a75309ac6e9a9b532ac003597c3eab0ea8a93db94a4e2

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 12:56:20 GMT
via: 1.1 varnish, 1.1 290e5de22ec9147f50600bb224f3c854.cloudfront.net (CloudFront)
age: 65457
x-cache: Hit from cloudfront
status: 200
content-length: 12771
x-served-by: nat-cache1a.tm-aws.com
last-modified: Fri, 12 Jun 2020 09:51:37 GMT
server: nginx
x-varnish: 1494860648 1494535915
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
x-amz-cf-id: W0GeqN_EqXfKALQHWLgmiFNv2WLpZ74kIPDhcc2QfNuVmlTRX5_nGg==
x-removedcookies: YES
x-cache-hits: 2

POST
H2

200

/ Show response
r.skimresources.com/api/
Redirect Chain

https://r.skimresources.com/api/
https://r.skimresources.com/api/?xguid=01EAP822PG7NXTA64X1VRMWB6B&persistence=1&checksum=f147e06d5b49468d5e71b1d56d00daf63f4c51519d7becc02c14da44ab36f42d

173 B
489 B

30ms
27ms

XHR
application/json

35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/?xguid=01EAP822PG7NXTA64X1VRMWB6B&persistence=1&checksum=f147e06d5b49468d5e71b1d56d00daf63f4c51519d7becc02c14da44ab36f42d

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

29372967df289fa9b0f0464b700484ccc136e16011e355fb7ce37d2ebbfdc22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
status: 200
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-type: application/json
alt-svc: clear
via: 1.1 google

Redirect headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
server: openresty/1.11.2.5
status: 307
location: https://r.skimresources.com/api/?xguid=01EAP822PG7NXTA64X1VRMWB6B&persistence=1&checksum=f147e06d5b49468d5e71b1d56d00daf63f4c51519d7becc02c14da44ab36f42d
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-type: text/html
alt-svc: clear
content-length: 193

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v30/ Frame 95FE 0
0 102ms
38ms Document
text/html 2600:9000:215d:4a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v30/cmp-3pc-check.html
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v30/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 27 Feb 2020 19:40:24 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 13 Jun 2020 07:07:02 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 7a024d32abd1bf1da267d76e57a01fa1.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: VUQo9pmc95cmtqPZtGulQZiDB146Q1C6wATvtY9xbAy_RovMuiAb0Q==
age: 16

GET
H2 200 geoip Show response
test-apis.quantcast.mgr.consensu.org/ 47 B
150 B 562ms
187ms XHR
application/json 35.166.33.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-apis.quantcast.mgr.consensu.org/geoip
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/v30/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.33.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-33-82.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9207aa3b28f1aff72041285132eb7375c35178fdce724c478fe50e4773d35453

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 13 Jun 2020 07:07:18 GMT
access-control-allow-origin: *
content-length: 47
content-type: application/json; charset=utf-8

GET
H2 200 trending.d1f71f505085cf14.svg
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/img/ 773 B
1 KB 38ms
38ms Image
image/svg+xml 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/img/trending.d1f71f505085cf14.svg
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5eabf2fd7f20bf65c0f51733b5305747cd5744ff763f102c590ad4c38ec672b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/article-service/read-next/scss/read-next.css?v=b790533e8e5a70ffa0c2c6c8d118c407
Origin: https://www.dailyrecord.co.uk

Response headers

date: Fri, 12 Jun 2020 11:05:08 GMT
via: 1.1 57af23226116253ff93e917fe6898ea3.cloudfront.net (CloudFront)
last-modified: Thu, 28 May 2020 11:36:57 GMT
server: AmazonS3
age: 72262
etag: "5cc24d3edfb6cd3d268a38b17ea072f7"
status: 200
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 773
x-amz-cf-id: 8spni19ddLsE-ZrBizFP2Ut4DBfkhQpeVmO-QJRLPg_w6N53M35c3g==

GET
H2 200 lt.iframe.html
tags.crwdcntrl.net/lt/shared/1/ Frame A37B 0
0 41ms
40ms Document
text/html 143.204.237.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/1/lt.iframe.html
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-28.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/1/lt.iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_dc=1; _cc_domain=.cc.mirror.co.uk; _cc_id=5f65a65ff0a235f13124d3a9164aab67; _cc_cc="ACZ4nGNQME0zM000M01LM0g0MjZNMzQ2NDJJMU60NDQzSUxMMjNnAIK4J9WqDHAg0fD6gCzjJ0%2BG%2F4yMDFvXvBSAsx%2FuV4Sxp79EqGk5cEcJxr6weA4LjH35%2BR24msNI4h%2B7HsHZfz9bwpgnFp9lhwtvnAJXsvxPIYx59qQ6jHnp1CM2GPvBt9sIS5cjsQ8g2B8a7sM9Mmf9U24Ye%2FUphJqd527yw9jnjh5ihrGnPfysAmMDAMrHeAQ%3D"; _cc_aud="ABR4nGNgYGCIe1KtygADLAxs29TBrDWeIJLxzAoQxfTnNpAEAI95Bw0%3D"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
content-type: text/html
last-modified: Mon, 06 Apr 2020 17:36:14 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 12 Jun 2020 21:10:20 GMT
cache-control: max-age: 86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 79222e94ad9d7455e475fd04f37068c5.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: -qt1JavkDXi4l7YgAadzwiKJpyyd1Jsp0RdpJMrBWSVm38bLoMGSMQ==
age: 35818

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 23 B
436 B 81ms
80ms Fetch
application/json 2600:9000:215d:a000:5:ae3a:ba00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:a000:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 14:03:18 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront), 1.1 2f96681b7e4a677eb6259e6f756581c2.cloudfront.net (CloudFront)
age: 61439
x-amzn-requestid: 8f1f0c03-6898-4f54-bbb3-90e49054359f
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1, CPH50-C1
x-amz-apigw-id: OBKuBEMnSK4Fdbw=
content-length: 23
x-amz-cf-id: dNtdV3r5rbr5Jc2tOc58Bvp1P5c15jEZW6cMq1Ln5jatakpox2Hspg==

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
985 B 93ms
31ms Fetch
application/json 2600:9000:215d:2200:7:8699:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:2200:7:8699:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:54:14 GMT
content-encoding: gzip
content-md5: V3bqcw6aFQKp3T52xvqaow==
age: 62489
x-cache: Hit from cloudfront
status: 200
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
request-id: dba8911e-9d3e-4d63-a759-7a239efbe110
access-control-allow-origin: *
server: restify
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
response-time: 18
x-amz-cf-id: Pkw_aK39FNXT6jDP_9xe-cgN96PjmmDsKoMyw11NPglq14Dym3W8_A==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 98 KB
30 KB 51ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0a8edb7447c3f734d54fe12fc95526e25be58b39ffb9d0452c4103a87f397458

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 12:28:43 GMT
server: nginx
etag: W/"5ecd0b7b-186cb"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 14 Jun 2020 07:07:17 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
548 B 129ms
42ms XHR
application/json 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186772
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c11c266b63110c084a21a7c87d01a6549135ed4374e456cd06f151c34c96280e

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 13 Jul 2020 07:07:17 GMT

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v30/ 220 KB
60 KB 38ms
37ms Script
text/javascript 2600:9000:215d:4a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v30/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/v30/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f62d86d565d683cd8e9d55498f3e42dbbb33deb4211c86aec9bd63352bfcda

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:57:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 19:40:23 GMT
server: AmazonS3
age: 559
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: rSrKKbPufOFnFmhzYoZuE1w1K4BZ23Ot_cINjVSEYqFHpzNrPXoz6w==
via: 1.1 7a024d32abd1bf1da267d76e57a01fa1.cloudfront.net (CloudFront)

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
985 B 57ms
31ms Fetch
application/json 2600:9000:215d:2200:7:8699:e840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:2200:7:8699:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:54:14 GMT
content-encoding: gzip
content-md5: V3bqcw6aFQKp3T52xvqaow==
age: 62488
x-cache: Hit from cloudfront
status: 200
access-control-allow-headers: Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
request-id: dba8911e-9d3e-4d63-a759-7a239efbe110
access-control-allow-origin: *
server: restify
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
access-control-expose-headers: Api-Version, Request-Id, Response-Time
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
response-time: 18
x-amz-cf-id: jP8NayuMcFazKzT5TsVrYG7o07ZXJsqzNcuykH4GopUSPx2DF2SlPw==

GET
H2

200

/
p.skimresources.com/ Frame 7530
Redirect Chain

https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=5f65a65ff0a235f13124d3a9164aab67
https://p.skimresources.com/?provider_id=5f65a65ff0a235f13124d3a9164aab67&skim_mapping=true

43 B
102 B

27ms
26ms

Image
image/gif

35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/?provider_id=5f65a65ff0a235f13124d3a9164aab67&skim_mapping=true
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status: 200
content-type: image/gif
alt-svc: clear
content-length: 43

Redirect headers

date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
server: TornadoServer/2.4.1
status: 302
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://p.skimresources.com?provider_id=5f65a65ff0a235f13124d3a9164aab67&skim_mapping=true
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
345 B 42ms
42ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/76202X1529444.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:17 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

POST
H2 204 batch Show response
felix.data.tm-awx.com/ 0
57 B 43ms
42ms XHR
text/plain 52.49.48.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.48.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-48-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

status: 204
access-control-allow-origin: *
date: Sat, 13 Jun 2020 07:07:17 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame B6DC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn&dcc=t

0
0

208ms
208ms

Document
text/html

52.95.124.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn&dcc=t
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A0Ww_qm3-UGCpeN9efxeUHQ|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

Server: Server
Date: Sat, 13 Jun 2020 07:07:18 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 199
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A0Ww_qm3-UGCpeN9efxeUHQ; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 07:07:17 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 07:07:18 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sat, 13 Jun 2020 07:07:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_brt_dm_smrt_sovrn&dcc=t
Set-Cookie: ad-id=A0Ww_qm3-UGCpeN9efxeUHQ|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 07:07:17 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 97 KB
18 KB 86ms
32ms XHR
application/json 2600:9000:215d:6800:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/v30/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:6800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad25613558e2ab513ed517de8b22c470db976ae72dbe1ee9fae7cbc459f80c5b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 16:11:55 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 140123
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 11 Jun 2020 16:00:46 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: J1hJuy6rXgqAD.r5CjxF1FefD7WlCD_1
via: 1.1 e5f9cea29f02f6a9a9b4da9c89f48d01.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: CPH50-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: eCwwYxOKWITeZoTugDzrIUMrLPqWFpnwBKVjWicGyEWh7TttDAuZBQ==

GET
H2 200 noniab-vendorlist.json Show response
quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/.well-known/ 1 KB
997 B 494ms
441ms XHR
application/json 2600:9000:215d:600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/.well-known/noniab-vendorlist.json?timestamp=1592032037318
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/v30/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00baf0d775f7f46bd10d130ca124b6418b161729729e4082cbe94815f3e50469

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:19 GMT
content-encoding: gzip
vary: Origin
x-amz-cf-pop: CPH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-allow-origin: https://www.dailyrecord.co.uk
last-modified: Thu, 12 Mar 2020 09:58:33 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json;charset=UTF-8
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-id: iyD7_27fKIQvvy119n7NEBeKSzFtvrS-BC83Cj_vcE5ZP0QldFLSrg==

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 7530
Redirect Chain

https://x.skimresources.com/?provider=exelate
https://loadeu.exelator.com/load/?p=787&g=001&j=0&
https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
273 B

65ms
21ms

Image
image/gif

195.181.175.46
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-44.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:18 GMT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: "59f0c3fc-2b"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-edge-ip: 195.181.175.44
x-age: 935105
accept-ranges: bytes
content-length: 43

Redirect headers

date: Sat, 13 Jun 2020 07:07:17 GMT
server: nginx
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 pubvendors.json Show response
quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/.well-known/ 6 KB
2 KB 506ms
506ms XHR
application/json 2600:9000:215d:600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/JYWDqeLS64fbt/www.dailyrecord.co.uk/.well-known/pubvendors.json?timestamp=1592032037318
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/v30/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a117a519c3759923d441bd98375e82689a20f9a0c9d53ac6a8d25820f6695cff

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:19 GMT
content-encoding: gzip
vary: Origin
x-amz-cf-pop: CPH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-allow-origin: https://www.dailyrecord.co.uk
last-modified: Tue, 24 Mar 2020 19:56:46 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json;charset=UTF-8
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-id: dU2r5vJpVF_9j7nCSiUCwVKihcS--JUPuXXp5P6O_j3KHidgmEuf9A==

GET
H2 200 logo-reach.png
s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/shared/ 2 KB
2 KB 38ms
38ms Image
image/png 143.204.237.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-branding/publications/shared/logo-reach.png
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-89.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 093c67c7893b9830abb823443b276a726b56c582ccddbb4e5244ea81db8b3233

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 16:17:44 GMT
via: 1.1 955dd6709359125ce043ededf19b3991.cloudfront.net (CloudFront)
last-modified: Wed, 20 May 2020 12:19:24 GMT
server: AmazonS3
age: 53524
etag: "483d3a0ea81aa148287d2b8883231a1e"
status: 200
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7776000, no-transform
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 1683
x-amz-cf-id: NMpDVZLyyw2m4k1bNV4zpMeBjW8KtVAUNaJsiFwhR53Hbgrq9broPQ==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b1f3b6e8f8bfbdf8c30524544c8b844f42f72a16da547af9b3793488f4ced0d

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 4512 23 B
584 B 77ms
25ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.12.0&iv=ov
Requested by: Host: prebid.s-onetag.com
URL: https://prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 6577da8128359a4e153e07faf38fdb6c97e9baadda3332f5e645a8657403b7fe

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 Jun 2020 07:07:18 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 3449 23 B
584 B 85ms
29ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.12.0&iv=ov
Requested by: Host: prebid.s-onetag.com
URL: https://prebid.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/prebid.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 917a70cc805a0f7f68f44cc16dcb3fe7a805a2b052a02c352385256afa578213

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 Jun 2020 07:07:18 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43

GET
H2 200 px.gif
market-dev.s-onetag.com/ Frame F51B 26 B
373 B 109ms
32ms Image
image/gif 2600:9000:215d:e200:1d:76ee:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://market-dev.s-onetag.com/px.gif?ch=1&rn=5.288892497531276
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:e200:1d:76ee:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 01:02:09 GMT
via: 1.1 1624c79cd07e6098196697a6a7907e4b.cloudfront.net (CloudFront)
last-modified: Thu, 09 Apr 2020 13:53:27 GMT
server: AmazonS3
age: 21910
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 26
x-amz-cf-id: h3KplBQYnhUXJRwG4qhJVCv2_kH2Ddr_VhxqEiU6Ht9w7OmEEctvNQ==

GET
H2 200 px.gif
market-dev.s-onetag.com/ Frame F51B 26 B
371 B 109ms
32ms Image
image/gif 2600:9000:215d:e200:1d:76ee:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://market-dev.s-onetag.com/px.gif?ch=2&rn=5.288892497531276
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:e200:1d:76ee:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 01:08:39 GMT
via: 1.1 1624c79cd07e6098196697a6a7907e4b.cloudfront.net (CloudFront)
last-modified: Thu, 09 Apr 2020 13:53:27 GMT
server: AmazonS3
age: 21910
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=86400
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 26
x-amz-cf-id: S67OV3sEt7v1ICWdqBt4w0m59uLWh1f35CpcWrYmYvagjKqOl0xImg==

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 5347 6 KB
3 KB 29ms
28ms Script
text/javascript 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401474
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Jun 2020 07:07:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Cache-Control: max-age=604800, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap6ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials: true
Expires: Sat, 20 Jun 2020 07:07:18 GMT

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
487 B 142ms
47ms XHR
text/html 143.204.237.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1592032038640;Daily%20Record;https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768;;;;;b,off,false,JYWDqeLS64fbt,1,en,30,206,true,true,true;displayConsentUi:mandatory,;GDPR-u729asz37citzldl8pl2
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v30/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-60.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:43:33 GMT
via: 1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
vary: Origin
age: 1427
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
x-amz-cf-id: StPJ7tcLg9uG8iFctCv9CJPEOBYV2vZjLbn9-wVQHGFNxAjN2-9ROw==

POST
H2 204 batch Show response
felix.data.tm-awx.com/ 0
57 B 117ms
117ms XHR
text/plain 52.49.48.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://felix.data.tm-awx.com/batch
Requested by: Host: felix.data.tm-awx.com
URL: https://felix.data.tm-awx.com/felix.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.48.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-48-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

status: 204
access-control-allow-origin: *
date: Sat, 13 Jun 2020 07:07:19 GMT

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 42 B
408 B 95ms
31ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid.js?v=ca530940770001d4a547a7fd3680a322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:21 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 42
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 115 B
467 B 138ms
44ms XHR
application/json 37.252.161.190
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid.js?v=ca530940770001d4a547a7fd3680a322
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.252.161.190 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams1.adnexus.net
Software: nginx/1.13.10 /
Resource Hash: 17477e33dfef1fbbdbab9e310a02178033f318150dd0aeaebc04485cb3e04ce2

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:21 GMT
Server: nginx/1.13.10
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 115
Expires: 0

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 158 B
372 B 445ms
283ms XHR
application/json 52.212.41.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid.js?v=ca530940770001d4a547a7fd3680a322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.41.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-41-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0497a0edf37536fc1e2a0dd666016601c3d3ea9f07e0a15e5b55d3b8e8499636

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:19 GMT
status: 200
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 158
expires: 0

GET
H2 200 /
get-latest.convrse.media/ Frame C365 0
0 93ms
93ms Document
text/html 2600:9000:215d:e200:13:79eb:1780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get-latest.convrse.media/?url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&cre=center&cip=19&npa=0
Requested by: Host: get-latest.convrse.media
URL: https://get-latest.convrse.media/parent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:e200:13:79eb:1780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: get-latest.convrse.media
:scheme: https
:path: /?url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&cre=center&cip=19&npa=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 0
date: Sat, 13 Jun 2020 07:07:19 GMT
x-robots-tag: noindex, nofollow
set-cookie: ConverseID=40fb043e-3095-4d11-a2a7-11b099f3f13d; Max-Age=31536000
cache-control: max-age=0,s-maxage=600
x-cache: Miss from cloudfront
via: 1.1 79222e94ad9d7455e475fd04f37068c5.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: tCnZbBq9IqxLptEvLg_PKA1d98pq9CRBXoWYuGMUfVDxRiXA-3o8QA==

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/6035737/ 0
400 B 540ms
540ms Script
application/x-javascript 104.121.152.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/6035737/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Jun 2020 07:07:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Tue, 16 Jun 2020 07:07:22 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 11 KB
4 KB 55ms
34ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=015440420724022033189%3Awlv3b4v7a0y

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

a14e1b1d6c2cd5076fdb2a0f409800004c6c63e5990967b997f30d31639c5d52

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:22 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3499
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:22 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tmg-network/ 349 KB
39 KB 65ms
22ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3TH25P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.284.1.1-10.92.4 /
Resource Hash: dd9d032466d0417c4766f685738c484e83c3c0005729dcc4d633a2d4407f598e

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 4QtAXocNBRz0QliMcQ3Wyv5ZkACqrbSu
content-encoding: gzip
etag: "36f7bee52ae3e21fa304dac1dd98167d5db4a275"
age: 7632
x-cache: HIT
status: 200
content-length: 39762
x-amz-id-2: PnKStMQOtP9gQOqjLODZCBiM5IcQtj8NikUbUBJzQjeuBevpUbAe/pQa6peD/Q/7WOaFZF7wcUo=
x-served-by: cache-hhn4035-HHN
x-from-cache: 1
access-control-allow-origin: *
last-modified: Thu, 11 Jun 2020 15:32:11 UTC
server: obaker.284.1.1-10.92.4
x-timer: S1592032042.168002,VS0,VE1
date: Sat, 13 Jun 2020 07:07:22 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: F333E2CC98DCB530
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 6
x-cache-hits: 1

GET
H2 200 / Show response
mydmp.exelator.com/load/ 1 KB
6 KB 64ms
50ms XHR
application/x-javascript 147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/load/?p=1042&g=3&j=d&url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&rurl=&application=Responsive%20Web&channel=lifestyle&channelId=3229&sectionId=3265&publicationName=dailyrecord&publicationId=4&environment=prod&platform=nationals&pageName=dailyrecord%3Alifestyle%3Amoney%3Aarticle%3Anetflix-email-phishing-scam-targets%3A22179768&pageType=article%3Anews%3Areadmore%3Areadmore&ownerSite=dailyrecord&ownerSiteDomain=www.dailyrecord.co.uk&subSectionOne=lifestyle&subSectionTwo=money&features-showVpaidControls=true&features-loadIrisManually=true&features-preloadFonts=true&features-PWA.enable=true&features-readNextEmbeds=true&features-removeSSO=true&features-chartbeatHeadlinePageTypes=%5B%22home%22%2C%22channel%22%2C%22topic%22%5D&features-felix.endpoint=https%3A%2F%2Ffelix.data.tm-awx.com%2Fampconfig.json&features-chameleon.cookiePolicy.enabled=false&features-smallerFloatParkVideo=true&features-recommendations=https%3A%2F%2Fmab.data.tm-awx.com%2Frhs&features-prebidLibrary=true&features-GDPRConsentV2Enabled=false&features-quantcastCMPEnabled=true&features-PWA=%7B%22cacheFirst%22%3A%7B%22modalTimeout%22%3A2000%7D%2C%22combinedPrompt%22%3Atrue%2C%22scope%22%3A%22%2Flifestyle%2F%22%2C%22options%22%3A%7B%22pushStyle%22%3A%22headline%22%2C%22pushSticky%22%3Atrue%7D%7D&features-bundledCss=false&features-IASVisRestrictToGeo=UK-IE&features-swipeNavigation.endpoint=https%3A%2F%2Fmab.data.tm-awx.com%2Fpwa-swipe&features-navWithArticle.enabled=true&features-prebidTestLibrary=false&features-codesplit=false&features-irisTvEnabled=true&features-nocodesplit=true&features-resetTagOnAirshipChannel=true&features-tcfVersionOne=true&features-readMoreWithImage=true&features-amazonVideoTagEnabled=true&features-amazonTagEnabled=true&features-newsletterSiteName=Daily%20Record&features-webPushNotifications.vapidKey=BNUa9Z4jMU8ZeRJmWvYXugO_Gnc3DgEyXPcWzNnR9nRbl8AsmCO2lZHGpJ5m17FgzjU4NFlSwDvg9-Y5Y3AoRpI%3D&features-webPushNotifications.serviceName=airship&features-lotameLightningTagV2=true&features-prebid.sendAllBids=true&features-readNextRecommendation=https%3A%2F%2Frecommendations.data.tm-awx.com%2Ffallback&features-webPushNotifications.token=MTpucTk0cV9RT1NncUtNSUZlQVFMdThROnFHNkUzQzhReURfTWd0ekdydmQ1d09xNHRzaUdMelk0eUJGcmtTWHV2MTQ&features-videoHeaderBiddingEnabled=false&features-irisAutoplayVideosMax=4&features-video.header.bidding.enabled=false&features-ozoneAllowedKeys=oz_gmpd_crid%2Coz_gmpd%2Coz_gmpd_adid%2Coz_winner%2Coz_gmpd_adomain%2Coz_gmpd_pb_r%2Coz_gmpd_adv&features-webPushNotifications.appKey=nq94q_QOSgqKMIFeAQLu8Q&features-newslettersURL=https%3A%2F%2Fcommunicatoremail.com%2FIN%2FDCF%2FwYm70CutOFVRBalaN%257eK7eP%2F&features-webPushNotifications.pushDisplayService=airship&features-GDPRConsentEnabled=false&features-swipeNavigation=true&features-collectiveDisplayPrebidEnabled=true&features-irisClientToken=OJGDNNHAVK88GPG&features-spotxVideoPrebidEnabled=true&features-externalBrandCSS=true&features-groupmDisplayPrebidEnabled=false&features-displayPrebidEnabled=true&features-ixVideoPrebidEnabled=true&features-modularCss=true&features-manualReconsent=1&features-ozoneDisplayPrebidEnabled=true&features-nativeAppBanner=true&features-video.ima3Version=3&features-videoPrebidEnabled=true&features-appNexusVideoPrebidEnabled=true&chameleonSegment=true&configurationMode=desktop&allTags=Netflix%7CPersonal%20finance&articleAuthor=Linda%20Howard&articleId=22179768&articleTitle=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped&articleUrl=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&headline=dailyrecord_netflix-email-phishing-scam-targets&primaryTag=Netflix&publishDate=2020-06-12&firstPublishDate=2020-06-12&firstPublishTime=08%3A05&objectType=article&sensitiveArticle=false&embeddedArticle=false&liverpoolStoriesArticle=false&axatePaywallArticle=false&isHavingCommercialFactBox=false&subType=news_story&communityChatArticle=false&articleViewMode=desktop&isTrusted=true
Requested by: Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: 0d97c41835d960fccf7f52d251d08568b42bcca7431bf291cf5fe49489843afc

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:22 GMT
server: nginx
x-powered-by: Undertow/1
status: 200
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/x-javascript;charset=UTF-8

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/9458/ 33 KB
4 KB 116ms
39ms XHR
application/json 143.204.237.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/9458/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/9458/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.237.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-28.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7afa3084c1e9a54ad88b9f286de1c12cde478db30f038e3195a4a0b81eeb5d8

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jun 2020 10:05:18 GMT
content-encoding: gzip
age: 75725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 10 Jun 2020 09:47:29 GMT
server: AmazonS3
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6bbb9e57107c7a01cb917ee3ce235a9b.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: AIcxpxuE9I1PFbD6HhseUf3xV0zYinUBCj_FJa0OwIiLE5fe7vo58Q==

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/57975621473fd078/ 261 KB
86 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 18:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 13:21:59 GMT
server: sffe
age: 46620
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88380
x-xss-protection: 0
expires: Sat, 12 Jun 2021 18:10:22 GMT

GET
H2 200 default_v2+en.css
www.google.com/cse/static/element/57975621473fd078/ 40 KB
9 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/57975621473fd078/default_v2+en.css

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50f20ecac24eeea05e7fc20c4f5d20b5075e061fd067d1f956e424fe010dcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 18:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 13:21:59 GMT
server: sffe
age: 46620
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8905
x-xss-protection: 0
expires: Sat, 12 Jun 2021 18:10:22 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2b5aedab6d8d1c405b309e966859cc6f9f836039b5b4999d15dfc25307e8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 06:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 1593
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:30:49 GMT

GET
H2 200 net.php
mydmp.exelator.com/load// Frame B287 0
0 32ms
30ms Document
text/html 147.75.102.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://mydmp.exelator.com/load//net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3BfdXNlcl9pZD1lMDFiMzZlZTNhOGMzOGI4OGE4ZjMyMzE3YTk4YTViYiZwX2lkPTI4NTM5IiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9leHAubXhwdGludC5uZXQvc24uYXNoeCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9NzMwJmo9MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vcHhsLmNvbm5leGl0eS5uZXQvYy9jc2U%2FYT1SJkE9MjkyJkQ9NmIyYiZWPTkmSTBrPXB0bnJpZCZJMHY9ZTAxYjM2ZWUzYThjMzhiODhhOGYzMjMxN2E5OGE1YmImYj0xNTkyMDMyMDQyMTYyIiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9ndW0uY3JpdGVvLmNvbS9zeW5jP2M9MTQmcj0xJmE9MSZ1PWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDg5JTI2aiUzRDAlMjZCVUlEJTNEJTQwVVNFUklEJTQwIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=800ae686d2f441702ecdbffcada39447
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.200 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash

Request headers

:method: GET
:authority: mydmp.exelator.com
:scheme: https
:path: /load//net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL2FuYWx5dGljcy50d2l0dGVyLmNvbS9pL2Fkc2N0P3BfdXNlcl9pZD1lMDFiMzZlZTNhOGMzOGI4OGE4ZjMyMzE3YTk4YTViYiZwX2lkPTI4NTM5IiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9leHAubXhwdGludC5uZXQvc24uYXNoeCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9NzMwJmo9MCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vcHhsLmNvbm5leGl0eS5uZXQvYy9jc2U%2FYT1SJkE9MjkyJkQ9NmIyYiZWPTkmSTBrPXB0bnJpZCZJMHY9ZTAxYjM2ZWUzYThjMzhiODhhOGYzMjMxN2E5OGE1YmImYj0xNTkyMDMyMDQyMTYyIiBoZWlnaHQ9IjEiPjwvaW1nPjxpbWcgd2lkdGg9IjEiIGFsdD0iRXhlbGF0ZURhdGEiIHN0eWxlPSJkaXNwbGF5Om5vbmUiIHNyYz0iaHR0cHM6Ly9ndW0uY3JpdGVvLmNvbS9zeW5jP2M9MTQmcj0xJmE9MSZ1PWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDg5JTI2aiUzRDAlMjZCVUlEJTNEJTQwVVNFUklEJTQwIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=800ae686d2f441702ecdbffcada39447
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EE="e01b36ee3a8c38b88a8f32317a98a5bb"; ud="eJxrXxzq6XKLQSHVwDDJ2Cw11TjRItnYIsnCItEizdjI2NA80dIi0TQpaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJ4SX5RZvoiZ4%252FFRSlpDItKik8F7wxzBACN6ynr"; udo="gAAAAAQAABmBKLUv%252FWCBGOVEAKpmJBhHUN7ZAAJDwZiElMKMVgEQ1hDOHHAwOHLUdjgq5YaODCBjRyBRzlOCVcImuSS1%252BBOUpwnHS4EFI6wF0Y9oBw0nZi2Q3iMx%252BQGFAWMBZwE3Vd%252B1iGVNKGSUsIkWStFXrhNR25yZSSk5DYZh4BiUkLmUlUd8QW1TUibSTSaSSMvGI31NcuGXmfZT7Bgb9nqLZZHBddlUmRGlQlaDK50nQUcnoI22sLzQwVIy80O%252B%252FFUDpf8PXCWQKpFGorklbVqXsPhfaKba%252Bj%252F%252BWL7MTWoiUsMII4oaNP8LhQHz%252FwGiGy6%252BEj6QRAj5P2lUDxhmWetk6dbQEZ7QRUM0ER6aaMWFJiylFkAJDk4gmAJHMAmiXfGeXFHISexgYjUMUeJOlRlUM4xKU9n85TF%252BXCBhsQJFGdaItWj1Y3Z7ghOEeHSjaoqpTAp3F4KqiopgUNZQpXC7YQPqpNqzqJy2U1uGTBXpmW94jKyY5gmBR9l1Zu4aM%252B%252ByWFGihGQ%252BEGLEkDQjBFBQepCdhv8LgeXk4ZeoGGdi6pcfox8LjnAuiP4X8vpIXm7%252Fg%252BWQvNyI%252Fk8i%252BP9X%252F9vb29tP8P8HsIFAG9f1FnMiaqP4ro9FEfg6suP%252B38L3Wgb7fRWjEbmebjULtst%252BeTWFRRqKyaSPxiV3Au7nerRcQOGGpaXnE%252FloaQHnul9P9FFJT0GZHf0yWFob67TCqGIvjmEYON35967qu%252FVOolwiz%252BIsz7fUc7LSJmXk0TjHWR8w3gGdTl8NDNa%252FmLfjQYE1EOgE8mxgzbvvJZ4zhu%252F3txWRUmI8oHY2Tm3j7C4IB3vRHO95XatZJc%252FK166jtkvZzMiSiBRy97u3Vqm6%252FU7rXOf3W7mm9sxr57PWd%252BcZ05g8g9fibG%252FHg5f2m9%252FS9%252BHZrgfvePAu6IvR%252ButeldpWMxBZY1Em0kLjLEyyLRZnmappfFpun%252F30%252FfV21O1xls9uflpDyZjyUJ7pJTItzgaXdkDeb0fX%252BfN6BER2NiLnWVjn2uYsH41MIXEoteRq2fhu7SpDMyKfZJlYVkRe1ap6L%252BXvoplR2WTSRiJyylhUg%252BHdb4xpXDY1yTQz6qhW9S7lsaVMC4v01SzxU1mvc%252Bn92%252FP1%252FWr1Vn25dl%252Fr3paDcb8rVZ9vV45L%252Bfem4lOndelkt9pCsnuvrSf4tbfG4rvMhdb7Exmc61a5rJxWrajtXtv4%252Fj71fL%252BVafm997ve61Fo0zrf7z7HLby1%252Fe43j0vt%252FHa%252BfY9L7XuOAue6d1%252Fvd35Hq1Edb8XeUGpwrmuVSut8WQbnulEKSjE4160%252B3xp%252F3tR3Wvc6Ewmc6%252BpPfR6Dc91pbevT13Ymz%252BBcV4nLzu9obeHdoW9%252F51ThGpzr9nxtC8mQfhkzNj6v7ylxWuP2XeXTsK8K35UOECmmeBhuxK6vJxcfvDy0rQiG1Tjk0DlIxBGTJaJF0Mon1UN5woS0jMy0tAtlVLXhzSHgNT%252Fjjq0c%252FA%252FgzDdVBD1WMwf%252FoC4aUAyvLDhEl7eNG9YXM6AdwKj5Bh5ALig8B%252F%252FvIEYO%252Fgaec3BtSeSQlonczyQaRQxlejYupZL0EPngolk4131mA1%252FBH%252FOMVsXYqlRcTCjMRPZrqQe1a3sH272l37MX9548XlwvAZdg366GxkDo%252B9u%252B%252BCou9lW1tUhhSRD%252B%252Fz9IQT5HTN4kQfgpGvB2cFKhd%252Bj%252BhwsgMYowR%252Ff%252FhiIpTYbo%252Ftew45dHAxFsSAUiSgclkzape4SLtjV7gRj5SDFz9I%252BQwga8HXBGX4B4D7ANiD2%252FpwExgwAI%252F38gIF5P0A0dVJKN98of%252Bj7fBynop0j3fwTZqPsfwhR6r06luv%252BT7OC6%252FwtMiPpDP%252BgHGX3R%252FZ%252BBS9mxiRc7gXX%252FY5Cf%252FKEP9IH%252B%252Fz5JTDgHR93%252FvwKBP%252FRxH%252Ff%252FD%252FAA%252B5l2Pl%252FPw9PJFMNavAco0wKfNijUueXq3rSzpZQuv8mOSSEULZQyi7Nafa5TuWxSLV5rjG1ZRAZ3v19d3Hkrd7uLg70x4BSr45ri9fMM56M106ZGX6mNW4c9jr3zXCdy2fz0juY1HsWLS%252Fb6duL7t7fvHS%252BmxQGBg6hxRCwNjAxAAAAAAFAA0QUAKeiMOAASYOYYBSEECEPGICEQBBGq5KShA%252Fzlf5L%252FxGRKLG3cGZucElt5cgPDYa2VD4xKf4wfy0YVAsUL6L0b9thnVQz3M3eofoweuW4xy4u7ndvoVB%252FYqWEZjJnavinBwJvB9WfhalV3KHKQgXxPwBXifgF%252B4XlVxjO%252B%252FuWrsWHzvVdVWw%252FONchftgJBjb8KU7WiVZ2u4Hatb1Wl98DHZkrZbWrkrQuG%252BDwSXgvoZ0kuZJWCvOggvpQzuGDxmEB9Kelv9K2KVK7YD1R6KBrfZcIpR%252FKHIXhZzXEVUbpY4R%252BmAilKMtF81IPgXzFwsafQxhZ6tLcQ4BT7iTR2FusZ8iMyiaphsQmE4qTlySE10ZmAHjNlEykRYlK7%252FDirAemoFJWCcKlUUuSmYFirE7Uab1PxFFBIidQViG9Jp9yaWoNLaS5dhFZWeSlb1LFiDcUtUDQb2vtkpRK4SPlS1Jpbc0%252BRm6JaQ2ptghZVJxxbV2h9mUPIOAiDDUaUnWQeHiXVUXFMT1lo3xPQZJQdhq8jI6qFGfcc6ghV2Yy%252FUU%252Bn9FTfwtnogyaVmO4d7DWTV3FALIPW93SZq%252FljbyKrZ9sGc1SBaBy4KwgshrfMOpuh4qIxMTrMx0xqivy4FAZCo2%252FPQkYcJ4EwOBwXOWljBgcOGBxlxjsjeXPcJQCSEpyuIQA1kB4TaMJVzCLg7xpRGAVAUBhWYQAQBRB8hDNYH8CNMcoa8u4fxtNRlo%252FJjI5HkAwbLEpIJ0olpBLTSvSj0%252Bl3u8vnjNJjq3E7I7Yu3%252B5oLQuHp374zuvbHS2POYwhh5zBDxRGybHOccjhqsajanyAoJgcvYcfptt%252FcywH"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
server: nginx
date: Sat, 13 Jun 2020 07:07:22 GMT
content-type: text/html;charset=UTF-8
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 171 KB
60 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/57975621473fd078/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7fe829bdf420d873a3ecca4f9df43e163035a5078fec4080c5bfba542f2967f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "15156598454992367826"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:22 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 00:16:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 111058
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:16:24 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
244 B 30ms
6ms Image
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:22 GMT
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 impl.20200607-25-RELEASE.js Show response
cdn.taboola.com/libtrc/ 446 KB
126 KB 23ms
23ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 447bc3d208c00eb034b6628cfd19d92eb2b4808cbeab6ba0894493556ee2cf37

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Ym8B3azCyJ83PicCvSzOkEo_4iGs.WLZ
content-encoding: gzip
etag: "dad3eff58ef3c7e197420f2df8f7e264"
age: 102
x-cache: HIT
status: 200
x-amz-replication-status: PENDING
content-length: 128911
x-amz-id-2: 6Tj48Ll2RKArLlJbuYNXPncQzyhCYNZPNQgR2ADCDpOMcLf44Of1J3zap6etwyhFpxwB4jL1YOc=
x-served-by: cache-hhn4035-HHN
last-modified: Thu, 11 Jun 2020 16:09:15 GMT
server: AmazonS3
x-timer: S1592032042.262459,VS0,VE0
date: Sat, 13 Jun 2020 07:07:22 GMT
vary: Accept-Encoding
x-amz-request-id: 1368975F93F4FAEE
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 2
x-cache-hits: 759

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 69ms
24ms Script
application/x-javascript 104.121.152.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 13 Jun 2020 07:07:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sun, 14 Jun 2020 07:07:22 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 24ms
24ms Image
text/plain 104.121.152.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1592032042382&ns_c=UTF-8&cv=3.5&c8=Netflix%20email%20phishing%20scam%20targets%20UK%20subscribers%C2%A0-%20don%E2%80%99t%20be%20duped%20-%20Daily%20Record&c7=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&c9=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:22 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load-cookie.html
elb.the-ozone-project.com/static/ Frame 0304 0
0 44ms
43ms Document
text/html 52.212.41.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&pubcid=3c4a42dc-14e6-4bc5-8545-76f33f6f3f1b&publisherId=OZONENREACH1&siteId=4204204202&cb=1592032039562
Requested by: Host: s2-prod.dailyrecord.co.uk
URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid.js?v=ca530940770001d4a547a7fd3680a322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.41.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-41-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: elb.the-ozone-project.com
:scheme: https
:path: /static/load-cookie.html?gdpr=0&gdpr_consent=&pubcid=3c4a42dc-14e6-4bc5-8545-76f33f6f3f1b&publisherId=OZONENREACH1&siteId=4204204202&cb=1592032039562
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
date: Sat, 13 Jun 2020 07:07:22 GMT
content-type: text/html; charset=utf-8
content-length: 10867
accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Wed, 29 Apr 2020 09:58:36 GMT
pragma: no-cache
vary: Origin

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 172 B
1 KB 51ms
51ms XHR
application/json 52.49.190.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/9458/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.190.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-190-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 794cd1eb86d8df593d409db3e63f6689a321c0b98bdaf25800d585debcbda715

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:22 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: no-cache
x-server: 10.45.20.171
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 172
expires: 0

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
806 B 43ms
42ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438628&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=rJPKgBBv&psa=0&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ff42cd317dd51632421aa3db6f27857ca17f63370002c8c99704b90e92c043d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid: 6b1d96a6-239d-4242-903e-59a1e715a49e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
807 B 91ms
48ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438637&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=ZASwFOf1&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

36e0ccb67e21e833e75e1fe8bd86f85452a1a3985835fd4ae463a65a94819570

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid: 626dda7f-4169-48e4-8c24-ee32ec507554
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
807 B 123ms
49ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438642&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=k0pIDUBW&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b9f0d58ddcf0a9a72f6d42c19381b0f2c8b32989c3110766cb1434a5842f3205

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: dfbc4a5d-9abd-4cd9-bc0e-90a36c57ada8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
806 B 118ms
42ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438639&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=jUf5LEua&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0ebd5a3d7b30af391f972b0bc48d024993957291a40dfd5fa07d9c2d85655548

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: e689505a-9ddd-41f9-9175-2c04579f4008
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
806 B 135ms
55ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438641&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=YSwcGXBs&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

845ea0103af2e2a6c2b0d9459ad7cca232c9d239811347d0dd40f93eb4769b42

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: bb4327a3-be81-4bfe-9c90-509b2dba2491
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
807 B 145ms
64ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438636&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=A8ani8o5&psa=0&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7ba2a6df40f86067fce719174d658327b5618e9c8040dc4000a19e829e9a1f06

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid: 64df1635-043f-4934-8bcd-21c4853d6b0d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
807 B 119ms
38ms XHR
application/javascript 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13438635&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=K69YTdhF&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&gdpr=1&gdpr_consent=&us_privacy=

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

82e38e9b679e923a3974c70193888cabca666dea15e0ca687cb4b92f891fa400

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:27 GMT
X-Proxy-Origin: 185.236.201.148; 185.236.201.148; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.135:80
AN-X-Request-Uuid: 56b3d234-1f9f-4e8b-b468-2aabf8245310
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
728 B 123ms
31ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.049175943301223324&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 4fb358793e029f7706ae6c789aacbc968440b680a5843b4267b292928bdccb8b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=387
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
748 B 138ms
32ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.9276480139269072&gdpr=1&gdpr_consent=&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 68c6064599a0912d0565717d68a2dc6823c8027f23a70cb3711d4aa220e6672f

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=43
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
745 B 143ms
29ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.265566671061207&gdpr=1&gdpr_consent=&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0e0d246e5ec8f5d77bc98e040409d417685b98c56fbf1b2115873067dc53fc64

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
745 B 158ms
42ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.24418741443428682&gdpr=1&gdpr_consent=&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2d1a32a4b77b02bb5ea68d84fcb19410866b78a14436fe30795a7c1f07484780

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
745 B 155ms
40ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.8152496457191589&gdpr=1&gdpr_consent=&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a01d87c76bf59e963b5b7a365e198568c84a1be7f0ddb8c4c5bbfe64a03e6ed9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
725 B 125ms
34ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.6792331459182386&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7b7df1fe145bc0520d8350763888d07e583000e9d23e1eec3cce27baf3cc5d4c

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
744 B 131ms
38ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7949&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&p_screen_res=1600x1200&site_id=304132&zone_id=1534996&kw=rp.fastlane&tk_flint=index&rand=0.7224707343667041&gdpr=1&gdpr_consent=&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 092fbacba8e1d25cead8ec4d1e411bbb58b7a04b364f977df2acd757ea3f2a0d

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
617 B 254ms
194ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=261318&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A35057005%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22262836%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22270081%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22270082%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22270090%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22270091%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%227%22%2C%22siteID%22%3A%22270085%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22270086%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22270088%22%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22270089%22%7D%2C%22id%22%3A%229%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22270080%22%7D%2C%22id%22%3A%2210%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22270101%22%7D%2C%22id%22%3A%2211%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22270102%22%7D%2C%22id%22%3A%2212%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f3577505-9236-4b33-9c2e-6507513a7f02%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222020-06-13T07%3A07%3A17%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 10b6315adbc64ad8b39a6e8b86b67b2c9243ae3bb36f5624c7bf82cebe5d2295

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:25 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: text/javascript
content-length: 86
expires: Sat, 13 Jun 2020 07:07:25 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 97ms
38ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=wkrjLQmJNu6J6hWJto7Eb59A&bidId=_tRJFfKd0&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045722&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 81ms
22ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=VVhMxBMvai1d7ccd85aLdDts&bidId=_w5IOAFee&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045723&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 80ms
21ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=9Wn9G2VLGszwiAs2PEPbU31v&bidId=_Ojg7Zi1L&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045723&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 81ms
23ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=xw8w44pmZuWayV6VhLhSRmp8&bidId=_NHz0hxDa&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045723&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 88ms
29ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=RpxoJoPZtgb6pK2U7Y8KrXeA&bidId=_KZtbZO6M&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045724&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 81ms
22ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=XQHo1Am3sP41sYnXSYT1oF44&bidId=_jTLw2PzE&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045724&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/t6oivhQt/ 0
118 B 80ms
22ms XHR
text/plain 52.58.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/t6oivhQt/v1?placement_key=bJ81JgA3x4LVNbd1tcEtWxFZ&bidId=_2frQI0Cw&instant_play_capable=true&hbSource=indexExchange&hbVersion=2.2.0&cbust=1592032045725&secure=true&ttduid=f3577505-9236-4b33-9c2e-6507513a7f02&consent_required=true&consent_string=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 92ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.dailyrecord.co.uk

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
345 B 98ms
41ms XHR
text/plain 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=261318&u=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:26 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 13 Jun 2020 07:07:26 GMT

GET
H2 200 ot.js Show response
fo-api.omnitagjs.com/fo-api/ 1009 B
943 B 103ms
35ms Script
text/javascript 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-api.omnitagjs.com/fo-api/ot.js?gdpr_consent=true

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
status: 200
x-envoy-upstream-service-time: 2
vary: Accept-Encoding
content-length: 509
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding
expires: 0

GET
H2 200 ot_multi.js Show response
fo-static.omnitagjs.com/ 283 KB
79 KB 73ms
27ms Script
application/javascript 2.16.107.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-static.omnitagjs.com/ot_multi.js

Requested by

Host: fo-api.omnitagjs.com
URL: https://fo-api.omnitagjs.com/fo-api/ot.js?gdpr_consent=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.107.66 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-107-66.deploy.static.akamaitechnologies.com

Software

ayl-lb-fra02 /

Resource Hash

3e58593c8dbcab546040b58fd0eb222de4f12e31c59fb8579c019aabb2402127

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Origin: https://www.dailyrecord.co.uk

Response headers

date: Sat, 13 Jun 2020 07:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
access-control-max-age: 86400
x-envoy-upstream-service-time: 0
last-modified: Fri, 05 Jun 2020 13:54:52 GMT
server: ayl-lb-fra02
etag: "5eda4eac-46bc2"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1698
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 13 Jun 2020 07:35:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 280 KB
43 KB 662ms
661ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2431055812304490&correlator=4092660127741208&output=ldjh&impl=fifs&adsid=NT&hxva=1&scor=2919198341637687&eid=21064169%2C21065139&vrg=2020060103&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200613&iu_parts=5293%2Cdailyrecord.co.uk%2Clifestyle%2Cmoney&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x251%7C728x90%7C728x91%2C1x1%2C8x8%2C300x250%7C300x254%2C300x600%7C300x250%7C300x252%2C300x600%7C300x250%7C300x253%2C300x600%7C300x250%7C300x255%2C300x600%7C300x250%7C300x256%2C728x90%7C728x98%7C728x99%2C948x42&prev_scp=index%3D1%26hivis%3Dy%26opos%3Dtop%26slotName%3Ddiv-gpt-ad-top-slot%26tile%3D1%26pos%3Dtop%26id%3D8410db9f-ad44-11ea-88ca-0a320acf4edc%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26amznbid%3D2%26amznp%3D2%7Cindex%3D-2%26hivis%3Dn%26slotName%3Ddiv-gpt-ad-ad-mix-slot%26tile%3D-2%26id%3D8410db9e-ad44-11ea-88ca-0a320acf4edc%7Cindex%3D4%26hivis%3Dn%26slotName%3Ddiv-gpt-ad-vip-slot%26tile%3D4%26id%3D8410dba2-ad44-11ea-88ca-0a320acf4edc%26grm%3D40%7Cindex%3D6%26hivis%3Dn%26opos%3Dmiddle%26slotName%3Ddiv-gpt-ad-in-article-slot%26tile%3D6%26id%3D8410dba3-ad44-11ea-88ca-0a320acf4edc%26vw%3D40%2C50%26grm%3D40%2C50%26amznbid%3D2%26amznp%3D2%7Cindex%3D3%26hivis%3Dy%26opos%3Dtop%26slotName%3Ddiv-gpt-ad-rh-slot%26tile%3D3%26pos%3Dtop%26id%3D8410dba1-ad44-11ea-88ca-0a320acf4edc%26vw%3D40%26grm%3D40%26amznbid%3D2%26amznp%3D2%7Cindex%3D5%26hivis%3Dn%26opos%3Dmiddle%26slotName%3Ddiv-gpt-ad-rh-secondary-slot%26tile%3D5%26id%3D8410dba5-ad44-11ea-88ca-0a320acf4edc%26vw%3D40%26grm%3D40%26amznbid%3D2%26amznp%3D2%7Cindex%3D7%26hivis%3Dn%26opos%3Dmiddle%26slotName%3Ddiv-gpt-ad-rh-tertiary-slot%26tile%3D7%26id%3D8410dba6-ad44-11ea-88ca-0a320acf4edc%26vw%3D40%26grm%3D40%26amznbid%3D2%26amznp%3D2%7Cindex%3D8%26hivis%3Dn%26opos%3Dbottom%26slotName%3Ddiv-gpt-ad-rh-quaternary-slot%26tile%3D8%26id%3D8410dba7-ad44-11ea-88ca-0a320acf4edc%26vw%3D40%26grm%3D40%26amznbid%3D2%26amznp%3D2%7Cindex%3D9%26hivis%3Dn%26opos%3Dbottom%26slotName%3Ddiv-gpt-ad-bottom-slot%26tile%3D9%26id%3D8410dba4-ad44-11ea-88ca-0a320acf4edc%26amznbid%3D2%26amznp%3D2%7Cindex%3D2%26hivis%3Dy%26slotName%3Ddiv-gpt-ad-sponsorship-bar%26tile%3D2%26pos%3Dtop%26id%3D8410dba0-ad44-11ea-88ca-0a320acf4edc&eri=1&cust_params=fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_17609_1240_KW%252CIAS_1961_KW%252CIAS_5005_KW%26lotame%3D117928%26storymeta%3Dnetflix%252Cpersonal-finance%26templ%3Darticle%26oid%3D22179768%26configPageType%3Darticle%26platform%3Dweb%252Cdesktop%26breakpoint%3Ddesktop%26loggedin%3Dn%26donottrack%3Dn%26type%3Dfirstlook%26site%3Dchameleon%26frontendRoot%3Dhttps%253A%252F%252Fs2-prod.dailyrecord.co.uk%26gs_cat%3Dbespoke_moving_house%252Cgv_crime%252Cshadow9hu7_pos_sky_blacklist%252Cshadow9hu7_pos_tuibrandsafe%252Cpos_danone_brandsafety_family%252Cpos_danone_brandsafety_fitness%252Cpos_danone_brandsafety_health%252Cpos_danone_brandsafety_misc%252Cpos_danone_brandsafety_society%252Cpos_nov19_tesco%252Cpos_omg_blacklist%252Cpos_test_death%252Cgs_tech_computing%252Cfinance_personal_finance%252Cnegative_tesco%252Cgs_entertain_tv%252Cgs_entertain_movies%252Cneg_corona_virus_apr20%252Cblacklist_vodafone%252Cgs_finance_banking%26uhid%3DUHID%257C20%253A06%253A13%253A07%253A07%253A16%253A752_5ee96301-d234-475d-a0a9-925a71090e12%26inskin_yes%3Dtrue%26adUniturl%3D%252F5293%252Fdailyrecord.co.uk%252Flifestyle%252Fmoney%26iason%3Dfalse%26mantis%3DDefault-GREEN%252CTesco-RED%252CCOVID19-GREEN%252CCOVIDSafe-GREEN%252Csentiment%253Dnegative%252Cjoy%253Dmedium%252Csadness%253Dmedium%252Cdisgust%253Dlow%252Canger%253Dlow%252Cfear%253Dlow%26luid%3Dunknown%26ruid%3D4dfb1d5c-0e54-4d61-9c23-27c76bc49692%26pageview%3D1%26rdp%3D0%26npa%3D0%26gdpr%3D1%26gdpr_consent%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1592032047&dt=1592032047260&dlt=1592032036546&idt=752&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C-12245933%2C608%2C462%2C1079%2C1079%2C1079%2C1079%2C436%2C326&adys=10%2C-12245933%2C2038%2C4659%2C1102%2C3320%2C4517%2C5761%2C8394%2C749&adks=2049136760%2C2046777346%2C2907217311%2C1187009191%2C1742237486%2C1623792727%2C4021131606%2C31804829%2C3142909406%2C3357250732&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&dssz=82&icsg=0&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1%7C1600x9032%7C800x4280%7C800x4280%7C335x5916%7C335x5916%7C335x5916%7C335x5916%7C1600x9032%7C1240x7928&msz=970x-1%7C0x-1%7C800x-1%7C800x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1600x-1%7C1240x-1&ga_vid=108802521.1592032037&ga_sid=1592032047&ga_hid=150578195&fws=4%2C132%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=970%2C1600%2C800%2C800%2C1600%2C1600%2C1600%2C1600%2C1600%2C1240

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

cd9c3635083c8ead6ad60951394d9ac2c4d595752fee198c18c76933f96694e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43089
x-xss-protection: 0
google-lineitem-id: -1,5359363916,5146108778,-1,-1,-1,4389472453,4389472453,4389866835,239481257
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138310350958,138283554347,-1,-1,-1,138208645246,138208671711,138209526768,104649762017
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 json Show response
trc.taboola.com/tmg-dailyrecord/trc/3/ 16 KB
6 KB 271ms
270ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tmg-dailyrecord/trc/3/json?tim=09%3A07%3A27.364&lti=deflated&data=%7B%22id%22%3A575%2C%22ii%22%3A%22%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1592032047361%2C%22cv%22%3A%2220200607-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22cdb%22%3A%22BOV0WdtOV0WdtCEABBAAABAAAAAMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9033%2C%22nsid%22%3A%22tmg-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-feed%3Apub%3Dtmg-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Responsive%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Responsive%20Feed%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-e%3Apub%3Dtmg-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%20Responsive%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%20Responsive%22%2C%22cd%22%3A3262.3125%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8ea4de8db74339641aa83cd6c1156f73204feda3c28a3d16ee45f141aef1a23

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 249
date: Sat, 13 Jun 2020 07:07:27 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4035-HHN
server: nginx
x-timer: S1592032047.379578,VS0,VE249
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 metrics
signal-metrics-collector-beta.s-onetag.com/ 0
0 95ms
35ms Other
application/json 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/reach-beacon.min.js?affiliateId=252378
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time

GET
H2 200 userx.20200607-25-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 22ms
21ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200607-25-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9bd3b3647e2e8cb13e52f5f3b360028ed217b3e56aabf06a538532f29779017

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eLQzvS_1MJJPJ7.w7RkzDFovWDu0cSL9
content-encoding: gzip
etag: "cdb7d29d8a93674939fe6c45e0da41c3"
age: 82
x-cache: HIT
status: 200
x-amz-replication-status: PENDING
content-length: 7712
x-amz-id-2: eYN1ZYxhsb/D28rRQWy0rCHI1KXWmvgL3QDHTRXo+3UsWEWPVBjt7pMCftkCw+snRN2lXsyXs9I=
x-served-by: cache-hhn4035-HHN
last-modified: Thu, 11 Jun 2020 16:09:23 GMT
server: AmazonS3
x-timer: S1592032048.673472,VS0,VE0
date: Sat, 13 Jun 2020 07:07:27 GMT
vary: Accept-Encoding
x-amz-request-id: 2E12998E5737D07B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 2
x-cache-hits: 159

GET
H2 200 tb Show response
15.taboola.com/ 0
105 B 799ms
798ms Script
text/plain 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=tmg-dailyrecord&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%20Responsive%20Feed&uuip=Feed%20-%20Below%20Article%20Thumbnails%20Responsive%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&encoded=1&uid=327f9b7d-aff2-4bd7-aa6e-eb24e1b8de64-tuct5de00af&variant=-100|2422&callback=TRC.videoTagCallbacks.videoCallback1&cb=1592032047662&tagid=&cntry=CH&platform=1&sesid=c06aa88c552f0d511577fda236636e15&itemid=/lifestyle/money/netflix-email-phishing-scam-targets-22179768&viewid=1592032047361&geolat=&geoing=&deviceifa=&appid=&sd=v2_c06aa88c552f0d511577fda236636e15_327f9b7d-aff2-4bd7-aa6e-eb24e1b8de64-tuct5de00af_1592032047_1592032047_CNawjgYQ7LY_GIHihOSqLiABKAEwKziy0A1A0IgQSPKd3QNQ____________AVgBYABo4qaqkbKtl-Jw&ri=80c87c608092bf81c3eec2536fe20247&appname=&cdb=BOV0WdtOV0WdtCEABBAAABAAAAAMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&gdprApplies=true&rid=&sii=-4735033535961417804&oee=true&tpubid=1039212&uis=2&fagg=1
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592032048.675713,VS0,VE772
machineid: 1430
x-served-by: cache-hhn4035-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20200607-25-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 21ms
21ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20200607-25-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tmg-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ad1b362ceb4eb927eae789dc6c37b5030ef34de85c9ade872d4c41308d51940

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 8or15tTEfmGag7RFMfq3TFdJ2nO0oL3r
content-encoding: gzip
etag: "a4f13dc9fff6386607bec4de5cfd87a6"
age: 93
x-cache: HIT
status: 200
x-amz-replication-status: PENDING
content-length: 1269
x-amz-id-2: T2G6gRWwq2UyBPgzsL0mwVutIb2TFyov3Qn7tffUk2gmJnkZloa5hp+sfCiKbGoFqeMnF2lz9IQ=
x-served-by: cache-hhn4035-HHN
last-modified: Thu, 11 Jun 2020 16:09:34 GMT
server: AmazonS3
x-timer: S1592032048.682596,VS0,VE0
date: Sat, 13 Jun 2020 07:07:27 GMT
vary: Accept-Encoding
x-amz-request-id: 0CC0851E8B2C4D48
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 2
x-cache-hits: 659

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 20ms
20ms Image
image/svg+xml 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 58
via: 1.1 varnish
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: LFqg67v5YCWU/NOwszxgfld57ko9gVWtVdT1oIYYG3SJej+Tymd9iKGPpdHqVHajduvDxtCbHpI=
x-served-by: cache-hhn4035-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1592032048.683188,VS0,VE0
date: Sat, 13 Jun 2020 07:07:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 0D504D7A15570419
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 2
x-cache-hits: 219

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
653 B 21ms
20ms Image
image/png 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 27342
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4035-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1592032048.734724,VS0,VE0
date: Sat, 13 Jun 2020 07:07:27 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 2
x-cache-hits: 16298

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame 7F00 202 KB
56 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 7F00 16 KB
6 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154089
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 7F00 97 KB
29 KB 46ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 7F00 4 KB
2 KB 46ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16330
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 7F00 48 KB
15 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154094
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7F00 7 KB
824 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Jun 2020 05:46:43 GMT
server: ESF
date: Sat, 13 Jun 2020 07:07:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jun 2020 07:07:27 GMT

GET
DATA 200
OK truncated
/ Frame 7F00 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b340f7aa45532eca0b528fd76046080366160187caece4a41aeb6a123375575c

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ 20 KB
7 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26645
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6cfa2ba62463627"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:23 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F00 0
0 32ms
31ms Image
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4GhpL3vkXobhF8WNgQebyauoD8rMydpd8MqY0_8Lv-EeEAEgv_DEHmD1lc6B4ATIAQGpAjaXSEd_4rI-4AIAqAMByAMKqgSWAk_Q5zn-Y0eIqJQ9kjFAo_c51kLQc7MYVeTG2GY6e6yQCrDG8WtD8UJE2feLxcBfcVkvu5lKXdnWn6j46-DJvrb157njH05WHgqw76EpuV33hUI-xE2ZqlwxcaN4W472Vr0LQbesuzOCKfYPozQXTUvlIFL-2ih-VdZxPR9OCS8sKmtCWx5wYqTDEyttWiCmt-fWIOvYVM43GeaK99TrOAxG4YHTKt3FDAuVzFHuY2xOdh2bmJNmqCvgUMeDYwUXklhaPh1KAaf87CSBkTGNGmkkr0SX-gFjtMB1c_qiKCPejZt_r5Juywd1EmOxyEwp0KiEyJh-OGnmaRaJ8XPvm00XMN9W-3pUEcdYfD2bzTAT2YooNPNDwATe_uyjgAPgBAGSBQQIBBgBkgUECAUYBIAHt-2bywGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQqcIl0ggHCIBhEAEYHYAKA8gLAdgTCg&sigh=8TaUGHin_pY&tpd=AGWhJmsP0ctD3BhR4tJ-eDAoPC5jEaMegUG9yjGwJfcsJ4TN1A
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F00 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27210
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F00 295 B
519 B 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33247
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7F00 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://www.dailyrecord.co.uk

Response headers

date: Sat, 13 Jun 2020 02:31:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 16580
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:31:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7F00 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://www.dailyrecord.co.uk

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 368614
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27AB 0
0 56ms
56ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPF0wjo-PIbPk4aDrIR3xZDSV0E88rrJgmM4XOGyndGg2i7j7-s6Kc0Ao_Gu8I5tI7zjbxm4ZSDioivkNF4G_7dADk1PT3rEKuJ9GncM74aX78XJWHqbxZmzo_vQc2dW5h49egQtm2HuntU1s0XZZIKRZRRHJCmvgd_nkpsMXw4s3CDd8pD9Gle7FJl67_75P38WSvxMPeobQ6ersDHDWlRfy4sHCiXdjSuL0-VDiHKpAyZ7eLurfgGg0vW-17Sl_kx2ivwG4WSR624D45FzFrj54zbpRy1bZGoK-REJB59g&sai=AMfl-YSIYk0AV-cjQGKIwRNtM4_BHYP90Sj9aOnsK6_1omU0DfFiYRqF0vAhJQQy5_AJapBGWKDU6rrzS_Z-USGSAVBC2v3jdAK-hzyIqi6yEg&sig=Cg0ArKJSzNfyDFk4i2SyEAE&urlfix=1&adurl=

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27AB 74 KB
29 KB 26ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961fec356326dc582ad3eb30f75f2728df9eed5062bfdf0b78b655865d5b3859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591975235565162"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28482
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591975235565162"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27914
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2CA 0
0 62ms
62ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscueTtgorlpPQJWI9KjeBMvr5zncaDeXVj_pGARCz59Ecs4J0CpdJpCOBDKQAFmj9oiQjoskeCl1MNMT4K4U-DSCFFZt9TVOsq7WCKdUQ9HZbaKCgGJZbO3aETrrz9Hb6eGf_0eFC71BKe-KkXvo8emZBa64QZ9diyfo-hf2w1y6UOSKlLKq-L_waodlbruVLJj_27NTs3whcXU1Rm_SdScDfKRT706oVEYsbmyo1XMH7tEf1h_1GCd606IXGzZW0NgaRFMX8UoTutBl6R9PEvTi3N5uy2_wCy77D7tw&sai=AMfl-YQcXP4Uc8QNS6JUJg-qLsAKSf6m4TPv6-jKcF-sdGQDDGzy7ne5EK7vjOCXZ9CNGwizNfXbpU1G9qSXV2CPhVATZ7AotnKYBGR6pVrVIw&sig=Cg0ArKJSzCiAgTLsOP9rEAE&urlfix=1&adurl=

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/55334/ 800 B
745 B 113ms
64ms Script
application/javascript 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/55334/tag
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d221443587e5750f659d8639389fcb80ec8a16e4a281d695f3bf1f0dfaff496

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 495
expires: Sat, 13 Jun 2020 08:07:28 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2CA 74 KB
28 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961fec356326dc582ad3eb30f75f2728df9eed5062bfdf0b78b655865d5b3859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591975235565162"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28482
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame 6856 202 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6856 16 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154089
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6856 97 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6856 4 KB
2 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16330
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 6856 48 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154094
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6856 5 KB
738 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Jun 2020 07:05:17 GMT
server: ESF
date: Sat, 13 Jun 2020 07:07:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6856 5 KB
761 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Jun 2020 06:11:31 GMT
server: ESF
date: Sat, 13 Jun 2020 07:07:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6856 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27211
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6856 295 B
357 B 8ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33248
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 6856 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ff1ee156f59fa04667d7c224879cfa3e5d1232ae503f90d886ec9caa2e590b9

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame 389A 202 KB
55 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 389A 16 KB
6 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154089
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 389A 97 KB
29 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 389A 4 KB
2 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16330
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 389A 48 KB
15 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154094
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 389A 7 KB
801 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Jun 2020 06:32:23 GMT
server: ESF
date: Sat, 13 Jun 2020 07:07:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 389A 5 KB
738 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Jun 2020 06:18:42 GMT
server: ESF
date: Sat, 13 Jun 2020 07:07:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 389A 2 KB
2 KB 15ms
12ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27211
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 389A 295 B
352 B 9ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33248
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 389A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 382bd0b6cfa1f0eea0e430fc6542658c934bbedbb7e79f3f802ff4f5c71484df

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame FECC 202 KB
55 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame FECC 16 KB
6 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154089
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:19 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame FECC 97 KB
29 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26657
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 23:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 23:43:11 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame FECC 4 KB
2 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16330
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:35:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:35:18 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame FECC 48 KB
15 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154094
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Thu, 11 Jun 2020 12:19:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 12:19:14 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FECC 2 KB
2 KB 13ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27211
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FECC 295 B
352 B 12ms
5ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33248
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame FECC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef0a6b8c109295b5ed81636ac4dc92964b3acea80ff6c9fec350bac373c6b5a4

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2486 0
0 8ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 13 Jun 2020 00:32:36 GMT
expires: Sun, 13 Jun 2021 00:32:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 23692
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame ADCB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 13 Jun 2020 00:32:36 GMT
expires: Sun, 13 Jun 2021 00:32:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 23692
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2983 0
0 6ms
5ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 13 Jun 2020 00:32:36 GMT
expires: Sun, 13 Jun 2021 00:32:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 23692
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4811 0
0 85ms
84ms Fetch
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNzXgEXeTFQrHkhPKV5M4DvzcdvIxXh2yeDrNdbBgjfmY8jrlNoo7KVN8PPUp-dDAJOV2l-b1mON-otBlladjmStpdWLK1Wuh1sohHp-mobJGOzGnHDqk8KUbqLhUOgUPvSUxblbRwvODeIjHVqcLct5bUYVn3jmBzKrCafTSHgjIjRmDKXtTeprRjuhNufym6EWda3Xv9_p-C3msO1m7zdKJtUgjT1MQgNTe4-hy1jKBaPIJzmmMpZz8jAGeM8VHcAp3V43W4PwHF6AEA20GaN6VCJkRtuYrf&sai=AMfl-YRdky0ZV-Ml5CyDgVOYHc_YyY_frvbglaIG6SfAlB8szEBUov1yHd08ytEikmkWM_DUXrCAVDRlbQqx1SNmowmsdK28WGV1mQ28lV5E-g&sig=Cg0ArKJSzKnqOejnW20-EAE&adurl=

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200609/r20110914/ Frame 4811 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200609/r20110914/abg_lite_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410b2091edb9c9e149d2d72875774b82ff6cced566193cf3fecf3c2745b1b63d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7236
x-xss-protection: 0
server: cafe
etag: 10767719627970246714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jun 2020 00:55:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200609/r20110914/client/ Frame 4811 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200609/r20110914/client/window_focus_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d2d1f9c78d8c0755bb8830fd20121d6d05c949c89b20536a89b6643f748c600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1479
x-xss-protection: 0
server: cafe
etag: 9751230926324105381
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jun 2020 00:53:40 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4811 74 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961fec356326dc582ad3eb30f75f2728df9eed5062bfdf0b78b655865d5b3859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591975235565162"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28482
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 7951222608688511253
tpc.googlesyndication.com/simgad/ Frame 4811 42 B
204 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7951222608688511253

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 06:13:28 GMT
x-content-type-options: nosniff
age: 89640
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
last-modified: Tue, 23 May 2017 15:22:01 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:13:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15181524505568867853/ Frame 6856 16 KB
16 KB 16ms
5ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15181524505568867853/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qlxJaAG_NH9TNQbeT5zRjVzUX6DMw

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d609d64bce01f1abb1d78e7fa19e57673338feebfbe9d14bc0ef117ff14f401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 11:05:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 21:54:39 GMT
server: sffe
age: 244940
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16697
x-xss-protection: 0
expires: Thu, 10 Jun 2021 11:05:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8495780399596571257/ Frame 6856 9 KB
9 KB 18ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8495780399596571257/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qkXUugQZxXqMFrHnt2lfNGifOTScA

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79c1520e7557e79eecd5660e05116de0bedf3cfa5ca2dffc65b4893079667705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:54:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Jul 2019 20:34:18 GMT
server: sffe
age: 281569
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9153
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:54:39 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6856 0
0 97ms
86ms Image
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_mXUL3vkXojhF8WNgQebyauoD_GunrFckuO_ocgLsJAfEAEgv_DEHmD1lc6B4ASgAfGv7-ICyAEG4AIAqAMByAMKqgScAk_Qs-OUaoCqXw-8ARA1EP2-6qq005uWQ5ljpP9eS9o6_UB_9LRwL5yROMKK9VcuCjlHTRDXgVgKIkk5Lcnf21plfrj_9QPAjS8eijxx-cbT-LKLFoT939GBtoC_Np7M9EDIa-X7qFxAUeKpeYr6y_W9yEbi1UqHpQywlydZRYe0y6vIbeJzx7A_VSZwBORGaNqMeW6sqwceEo-iHQhPM6MUojmmjW-l__gbox5LvbHNpseQ2nWn-L1QDYtdEvXPAfFUaFopT2Syun6RtdK8BcHz46gUKq7-xh2UfT4lyYuimwWALayOOjIrMrPoPhKWt9S84O9GSeWKH-iB76h5AYkrigjAyrl-WImrl1Ee5fhDTBP4_K-4IeVkz39IwAShy9Sm6gLgBAGSBQQIBBgBkgUECAUYBKAGN4AH98-QnQGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQvZML0ggHCIBhEAEYHYAKA8gLAdgTDQ&sigh=CHNVosk5n4Q&template_id=492&tpd=AGWhJmtlgpVDrF6Nm-Qul0mvAgug7dp9M6FKH10aZwf7M1JHbQ
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10089354323983732676/ Frame 389A 22 KB
22 KB 99ms
88ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10089354323983732676/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4ql9GOUzcBIgstqlnL1FTsDW_FA2WQ

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb34f0fba21508c6a25591b4b8d2c047ee80308a96db5df1f8d92ce9ea9f0a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 11:28:48 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22844
x-xss-protection: 0
expires: Sun, 13 Jun 2021 07:07:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/671845776777560153/ Frame 389A 74 KB
74 KB 28ms
17ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/671845776777560153/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qkZJiTV32zWrHg2YfsH-7F7QaJXgw

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac40c23593f2ad113a6637a84d871eea68184f776ad562abcd11a361998ec8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:39:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Dec 2018 14:12:46 GMT
server: sffe
age: 282489
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75810
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:39:19 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 389A 0
0 97ms
86ms Image
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgZWLL3vkXonhF8WNgQebyauoD4SU-6ddhe-7j4sL65yA2osOEAEgv_DEHmD1lc6B4ASgAa_0mqADyAEGqQI2l0hHf-KyPuACAKgDAcgDCqoEmwJP0EN9JiWZgTdLaSQrDiod2LtVNpQe43KvEv3dPhUSDA9TplVVzIdvsM-6QppDMCc8zHy2E2CXeONLBoCJVs-EFZ1FsJxnM7y4SIWnQdlaobcqABAPzQUl97m2XVU9mmIKwFRWNxrO9k8q-75SL9ucxHjzDTINvtmnTfwd4JA9vsTfGoWoL1fgmvZMvB6NJsdiGVLvYORfrd0QKwWVAcSpE8Lq3Ic0rECs9tCA_U3Gt96x4NppAxEWl7hXuZS7jKEym8L11C4k1Q1eJoTmmxPwqQU1GwwUUpr9qquigO0CybupQfNj9hKDfNBeCVj3mzSRjVmAmnwTxSO7MuCv3yYd3CevnsV-Eq40DZiWahpfZsRhRiYm6RjEE-wjwATJnfWH5gLgBAGSBQQIBBgBkgUECAUYBKAGN4AHuYvlX6gHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBC-9BjSCAcIgGEQARgdgAoDyAsB2BMM&sigh=oj0tziUXfpw&template_id=492&tpd=AGWhJms56APkBk8Tj4b_aZ2wgHLP9wwwN8aYW5TbOdGwR7z2jw
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 3499811417194281196
tpc.googlesyndication.com/simgad/ Frame FECC 103 KB
103 KB 18ms
7ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3499811417194281196?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qklPLt3rXXB70CuVjDqlsxO4EVrNA

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1c2fc8fc212af2c8b90a2f38500ba6504e6b7dbbee273ab68b69edc4b3b1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:50:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 07:52:20 GMT
server: sffe
age: 281836
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105097
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:50:12 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FECC 0
0 96ms
85ms Image
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3n0OL3vkXorhF8WNgQebyauoD4qa_cxd5cL4tr8Lv-EeEAEgv_DEHmD1lc6B4ASgAaXjhdkDyAEC4AIAqAMByAMIqgShAk_Q5X9QLiPKf1ns9A6DYhwJ7J3ryVs91cQNQxGewtVgq6Z4q5wbp2by7LN9Ml-BspZ1MRo5KDgxi3Lo4sVXt6PfQn1ryH_67sIf5qSsaCJkD7fxmFSaL6hSpg-D9Hz99FZP842YmpsTC-fguVXnPU5CrphkQrdDrTZKD1GJvNmcHMdUiejlMbHC_kfgd7Z-5Tc_TSHNot4N-mmN5fb0ZRoi1Ony1SpVzw_HOwoEH041v176LzcH7C9rrGYtF2WhZtH2DYrGVg-UunSvYyDa_R5Wbv5ZI3JaIi-OEFtHdxvBlDSyy4z_fAEJvuNMo465b-zjkwxP4ef8cYqqp2XyZ9ffpZ3gv8ajIghFoa2PjkrdnYcbUnZl_c0NG6N900BHXhXABOCFoJ2HA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeSgK1-qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEI6JCNIIBwiAYRABGB2ACgPICwHYEww&sigh=MVZ08C96MMk&tpd=AGWhJmsJsS3lBaSnvbBka8olcixXBQhJStqE1hDQ1gKyFakosw
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 123 B
512 B 199ms
192ms XHR
text/javascript 143.204.244.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3632&u=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&pid=ejsNlOWcg1WBE&cb=1&ws=1600x1200&v=7.50.00&t=2000&slots=%5B%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-sureview-left-slot%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F5293%2Fdailyrecord.co.uk%2Flifestyle%2Fmoney%2Fdiv-gpt-ad-sureview-right-slot%22%7D%5D&gdprl=%7B%22cmpTimeout%22%3A200%2C%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.244.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-244-102.cph50.r.cloudfront.net
Software: Server /
Resource Hash: b99ab5d94cc8955572da9cc1bbed01b16fdf8890ee476c7e5079661df405a81d

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: CPH50-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 129
via: 1.1 b9ba4bda57a72c60657b278a2341fc54.cloudfront.net (CloudFront)
x-amz-cf-id: loIQEtiqY5HRF8ds__lCJDZTFUngVS16HbRyMZa8e_xSFOhQ8XDMcw==

GET
H2 200 4389472453 Show response
dfp-gateway.s-onetag.com/1/5293/ 119 B
591 B 192ms
70ms Fetch
application/json 2600:9000:215d:fa00:a:52eb:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/5293/4389472453
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:fa00:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcdab10c6c0aa2cc2c1682f7437e2542a4aa0a24ae149b3b5aa53f9be31e84cf

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 08:19:12 GMT
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront), 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
age: 82096
x-amzn-requestid: f05b9714-b361-46b8-87ba-970abbcbe365
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5ee33a80-2c2961bd2cb4e5091d335ba5;Sampled=0
x-amz-cf-pop: FRA53-C1, CPH50-C1
x-amz-apigw-id: OAYUCGA2yK4FnZA=
content-length: 119
x-amz-cf-id: cZvUd5lIRgPmOLMaeiS_X4uGUOkwPmWDpquDD1PQyyPGcsa-TS1XhA==

GET
H2 200 4389866835 Show response
dfp-gateway.s-onetag.com/1/5293/ 119 B
588 B 193ms
71ms Fetch
application/json 2600:9000:215d:fa00:a:52eb:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/5293/4389866835
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:fa00:a:52eb:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcdab10c6c0aa2cc2c1682f7437e2542a4aa0a24ae149b3b5aa53f9be31e84cf

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 09:27:12 GMT
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront), 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
age: 78016
x-amzn-requestid: 1f4c2107-4ab3-432b-b9fa-6f02345ddab6
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5ee34a6f-e5a22db29fd245cd38971fcb;Sampled=0
x-amz-cf-pop: FRA53-C1, CPH50-C1
x-amz-apigw-id: OAiRgGtySK4FnSA=
content-length: 119
x-amz-cf-id: 9tj2g9t3hV2_ibYrguCepYf38A_5mTZCgQqu9z0RV-1kSS0aF7Reeg==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 92ms
72ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab0424f61753a45ef134bd976fbff813efd67a7527a7a59a719892c609cf25be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5699
x-xss-protection: 0

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
0 73ms
72ms Other
application/json 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6856 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.dailyrecord.co.uk

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 368614
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6856 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.dailyrecord.co.uk

Response headers

date: Sat, 13 Jun 2020 02:31:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 16580
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:31:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 389A 11 KB
11 KB 63ms
63ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Origin: https://www.dailyrecord.co.uk

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 368614
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 389A 11 KB
11 KB 64ms
64ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Origin: https://www.dailyrecord.co.uk

Response headers

date: Sat, 13 Jun 2020 02:31:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 16580
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:31:08 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 27AB 0
54 B 73ms
73ms Image
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurIr_9DGGgYzoCrdM6SRFfQaNaM2oExM3FK4lTczm3gYO09vklsZyN5Otzil_RT_ozY4_i12Qj3iSkDsDEd7yIaY70-9cM7x6qTPaEYxIddloKoGsbvtxu9KxoXkjjsW7kzeI4wwPH78AqPttGiOZ7VrXGrTBO4MLk4RVyPOLYuqTecCXn5un9rXZQ5V9zzFohfKRij9C2ij2Y8OcMCMg0G_8bedSTfoZdAvbWO43A2if4gW_oj9i8202zqOp8G72AB87dr1MRXcVxYO2-5D59tcoRTzKEGqcC2jmcaZy_J_fS&sai=AMfl-YRJcj62w80aW7iyfVYOSztxePW8km1Vzuaj7Z0rZlivXL8nnn7ehzAd1ieGOoPDgUT-YmuvIkJfNq7IN7EuF1FayU7Z3_1Rr-JOkAPZew&sig=Cg0ArKJSzIg2NAlfUxwSEAE&urlfix=1&adurl=

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2CA 0
54 B 69ms
69ms Image
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvhPLXWUM0hcIjzYdei3MZHwMf8S-DDX0hb4JGYSMBwn6GaPokerwe5tzvgPajTjyYP2WyZ0cLsaJGwSndO3Dc8-jZxSzB3UK1K-91CrNyQKmK6-JeTmcwIKX_HVIsLsLYRc4KqgdTv0qfFadctfCFjWD-F6UMPNr1e3L04JjvG8h79bZUYrek85dVYAANOMMqxNiY0Mz-PoZRz0Zmx4jG6w5xfZPudjbPwgWBdgK1mnrkqs_bkoUUh_1-QW8iUdDXhIKhk6WIXkFw-z30606FRh9PkfV-qt0CPPxMuHUf&sai=AMfl-YT7VobfCQotFrrk8tcUpMPbNFJIN74gY4ky_d4L2Gtuv9Zs1Ct6P0cbDMsYpSzlTjXH5T1bDsvNQ5gJOyJmt9fCmchbQcMQrCOk2PcPdA&sig=Cg0ArKJSzLqFMLr21KdlEAE&urlfix=1&adurl=

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A2CA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 739a597c609c2742d766d594897848f9f4ea265958ba4c3ad5ec7f5df50e553b

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4811 0
54 B 57ms
56ms Image
image/gif 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuCl2WtcAZthVxZl3xXtAN3rxMSRg7GM91h_ykU8Eflho7Pm4mj1eTI8A-TnTKalcWdVBPxeOCKfr5h0EnI-8b8FRg13SyBJ4i0yKaS4KhU2SdES9IVuECa1r9pF-5HUN0v8cLmrtuYFFtXIJX0bYYNDQhAgqRpQPSolABInhIS0IxRhsHN1OpZ1-l4bupErAIpopNpM3klQ6oqtR5prdG6XG12vJYNDSJP5YGdzLILcSK21pay1_IY3ODAZUDcGpqyY1Zp6nOirzlRm8o1-ZFtnQN-6UWe9d5hFg&sai=AMfl-YRZLsbt9QXJKbqmy_lQUDnRc1v4qvBcI1nVp7Y_CUrykw69OuWxV4mcEG53fK6Y0nfSdhU5TxZ6OmEtaiTMOvA0Sa-_785s2Q0vWCBMmw&sig=Cg0ArKJSzByvcx2paQ7lEAE&adurl=

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4811 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 828af7c38e27bd1b64a260e16f9864e4658b0c41ab950e6d54148deea44489c8

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
693 B 103ms
102ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=261318&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A32475574%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2261%22%2C%22siteID%22%3A%22513862%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2260%22%2C%22siteID%22%3A%22513861%22%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22f3577505-9236-4b33-9c2e-6507513a7f02%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222020-06-13T07%3A07%3A17%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c5e090ff76ca7d7aebe407218c97234cc43122977602ed8d7f7390ab35c67bf

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: text/javascript
content-length: 86
expires: Sat, 13 Jun 2020 07:07:28 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7F00
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

99ms
94ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 648 KB
176 KB 76ms
57ms Script
text/javascript 2a02:26f0:c400:18d::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c400:18d::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: d6083f51eff86e276d1de3f2e3e5b11870d5e7364847d805f00f5212d9a4ccf2

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 349B3FD0728D3839
status: 200
content-length: 179152
x-amz-id-2: 8KytUmDL5TmuqdE+BgabiPS9lpPNq8iF28QiBq8s86ofCBY8LB7hSIhg6IDNU0o6D+TinlYDjlg=
last-modified: Thu, 11 Jun 2020 15:41:49 GMT
etag: "24c9921b29eddc9197707864d817f634"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 13 Jun 2020 07:37:28 GMT

POST
H2 204 bulk Show response
trc.taboola.com/tmg-dailyrecord/log/3/ 0
253 B 56ms
56ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tmg-dailyrecord/log/3/bulk?tvi2=2210&route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200607-25-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Sat, 13 Jun 2020 07:07:28 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4035-HHN
pragma: no-cache
server: nginx
x-timer: S1592032049.915463,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F00 2 KB
3 KB 10ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27211
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F00 295 B
365 B 10ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33248
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6856
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

65ms
63ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 13 Jun 2020 07:07:29 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 389A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 13 Jun 2020 07:07:29 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame FECC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

22ms
21ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 13 Jun 2020 07:07:29 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15181524505568867853/ Frame 6856 16 KB
16 KB 91ms
90ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d609d64bce01f1abb1d78e7fa19e57673338feebfbe9d14bc0ef117ff14f401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 11:05:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 21:54:39 GMT
server: sffe
age: 244941
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16697
x-xss-protection: 0
expires: Thu, 10 Jun 2021 11:05:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8495780399596571257/ Frame 6856 9 KB
9 KB 90ms
90ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79c1520e7557e79eecd5660e05116de0bedf3cfa5ca2dffc65b4893079667705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:54:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Jul 2019 20:34:18 GMT
server: sffe
age: 281570
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9153
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:54:39 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6856 2 KB
3 KB 89ms
89ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27212
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6856 295 B
364 B 89ms
88ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33249
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10089354323983732676/ Frame 389A 22 KB
22 KB 87ms
87ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb34f0fba21508c6a25591b4b8d2c047ee80308a96db5df1f8d92ce9ea9f0a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 11:28:48 GMT
server: sffe
age: 1
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22844
x-xss-protection: 0
expires: Sun, 13 Jun 2021 07:07:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/671845776777560153/ Frame 389A 74 KB
74 KB 85ms
84ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac40c23593f2ad113a6637a84d871eea68184f776ad562abcd11a361998ec8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:39:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Dec 2018 14:12:46 GMT
server: sffe
age: 282490
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75810
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:39:19 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 389A 2 KB
3 KB 81ms
81ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27212
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 389A 295 B
364 B 80ms
80ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33249
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
H2 200 3499811417194281196
tpc.googlesyndication.com/simgad/ Frame FECC 103 KB
103 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3499811417194281196?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qklPLt3rXXB70CuVjDqlsxO4EVrNA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1c2fc8fc212af2c8b90a2f38500ba6504e6b7dbbee273ab68b69edc4b3b1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 00:50:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 07:52:20 GMT
server: sffe
age: 281837
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105097
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:50:12 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FECC 2 KB
3 KB 16ms
16ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27212
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FECC 295 B
369 B 15ms
15ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33249
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
345 B 35ms
33ms XHR
text/plain 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=261318&u=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186772-170849978518354.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:29 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.dailyrecord.co.uk
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 13 Jun 2020 07:07:29 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 0DE6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 13 Jun 2020 00:32:42 GMT
expires: Sun, 13 Jun 2021 00:32:42 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23687
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track
t.teads.tv/ 23 B
143 B 220ms
119ms Image
image/gif 2.18.69.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&ts=1592032049683&pageId=55334&pid=60379&env=js-web&pfid=[pfid]&f=1&slot=native&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&debug_metadata=wb&fv=400&referer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.184 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 13 Jun 2020 07:07:29 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 227ms
126ms Image
image/gif 2.18.69.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&ts=1592032049681&pageId=55334&pid=60379&env=js-web&pfid=[pfid]&f=1&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&fv=400&referer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.184 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 13 Jun 2020 07:07:29 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 216ms
115ms Image
image/gif 2.18.69.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&ts=1592032049682&pageId=55334&pid=60379&env=js-web&pfid=[pfid]&f=1&slot=native&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&fv=400&referer=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.184 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 13 Jun 2020 07:07:29 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
18 KB 362ms
361ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2431055812304490&correlator=3858024571303443&output=ldjh&impl=fifs&adsid=NT&hxva=1&scor=2919198341637687&eid=21064169%2C21065139&vrg=2020060103&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200613&iu_parts=5293%2Cdailyrecord.co.uk%2Clifestyle%2Cmoney&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%2C120x600&prev_scp=orderId%3D2688959260%26lineItemId%3D5359363916%26creativeId%3D138310350958%26slotName%3Ddiv-gpt-ad-sureview-left-slot%26hivis%3Dy%26opos%3Dleft%26origin%3Dsureview%26originsz%3D120%252C600%26originsrc%3Drch%26amznbid%3D2%26amznp%3D2%7CorderId%3D2688959260%26lineItemId%3D5359363916%26creativeId%3D138310350958%26slotName%3Ddiv-gpt-ad-sureview-right-slot%26hivis%3Dy%26opos%3Dright%26origin%3Dsureview%26originsz%3D120%252C600%26originsrc%3Drch%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_17609_1240_KW%252CIAS_1961_KW%252CIAS_5005_KW%26lotame%3D117928%26storymeta%3Dnetflix%252Cpersonal-finance%26templ%3Darticle%26oid%3D22179768%26configPageType%3Darticle%26platform%3Dweb%252Cdesktop%26breakpoint%3Ddesktop%26loggedin%3Dn%26donottrack%3Dn%26type%3Dfirstlook%26site%3Dchameleon%26frontendRoot%3Dhttps%253A%252F%252Fs2-prod.dailyrecord.co.uk%26gs_cat%3Dbespoke_moving_house%252Cgv_crime%252Cshadow9hu7_pos_sky_blacklist%252Cshadow9hu7_pos_tuibrandsafe%252Cpos_danone_brandsafety_family%252Cpos_danone_brandsafety_fitness%252Cpos_danone_brandsafety_health%252Cpos_danone_brandsafety_misc%252Cpos_danone_brandsafety_society%252Cpos_nov19_tesco%252Cpos_omg_blacklist%252Cpos_test_death%252Cgs_tech_computing%252Cfinance_personal_finance%252Cnegative_tesco%252Cgs_entertain_tv%252Cgs_entertain_movies%252Cneg_corona_virus_apr20%252Cblacklist_vodafone%252Cgs_finance_banking%26uhid%3DUHID%257C20%253A06%253A13%253A07%253A07%253A16%253A752_5ee96301-d234-475d-a0a9-925a71090e12%26inskin_yes%3Dtrue%26adUniturl%3D%252F5293%252Fdailyrecord.co.uk%252Flifestyle%252Fmoney%26iason%3Dfalse%26mantis%3DDefault-GREEN%252CTesco-RED%252CCOVID19-GREEN%252CCOVIDSafe-GREEN%252Csentiment%253Dnegative%252Cjoy%253Dmedium%252Csadness%253Dmedium%252Cdisgust%253Dlow%252Canger%253Dlow%252Cfear%253Dlow%26luid%3Dunknown%26ruid%3D4dfb1d5c-0e54-4d61-9c23-27c76bc49692%26pageview%3D1%26rdp%3D0%26npa%3D0%26gdpr%3D1%26gdpr_consent%3D&cookie=ID%3D8e5f4cf5b91f0096%3AT%3D1592032047%3AS%3DALNI_MZTj3-f9R_FzXbT4t3wdJPeHNMNWQ&bc=31&abxe=1&lmt=1592032049&dt=1592032049802&dlt=1592032036546&idt=752&frm=20&biw=1600&bih=1200&oid=3&adxs=55%2C1425&adys=310%2C310&adks=1721985848%2C2542031584&ucis=b%7Cc&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&dssz=90&icsg=0&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=120x-1%7C120x-1&msz=120x-1%7C120x-1&psts=AGkb-H-3eV9IzHFZ-16PaEmSSZpI9CBUDvHmgI9lk8i-8BElggDeFY9AKs9OFBFZq_4Yk52OEIcqQqgs9a1I-U5aiQ1qEl8Wyj5YdUmIYOW2WiE5Dg%2CAGkb-H_5oSxkD-SEpmZA4SDVC2LCSX9FfXWTxg30hTKllv5VFXu8I5rZSZbQj9-RhCiETbXLpqxRxt1vMckZzk7dZOQmdJO4VXUKlQ%2CAGkb-H92Kr9KnfbDf_XqU-FLaMcmwNaNBFByteaRhQgj0H5jdKuIjASGBbXR6wufzHtuTkqgb8Ku6Gux1Y3KS_9triFPih6gr55-Qu0YKSBSuwA%2CAGkb-H_GFjnCeadO0MSV16s47LsFHb_kJfR_PF3qVKF0Ui1IHozpA2Gjp0wMPAZVF_AX8qhgrPuwEkyXntRRVVao220ZC1yDbXHbkrzsfpYwL2I%2CAGkb-H9lyqDPIdFfD5tXqIW6Zw0Vq3ETE3lpDFXU7jooOfLOnUV2a0TmGMlnyjUW6t66M-r6W-f3dU8Z9RqKioQcKzeBdEQ1Gra75DqGsg9qHZk%2CAGkb-H8sHK9-mAVerLKm6cKuDy6a271sHs3i1HW6DWOrX86Ks4btiX-SMWdx0zNAQsbsWL_VPNwUxrjbHBZNGai--JivPLxjzjjkO3vdmFcz_1mo&ga_vid=108802521.1592032037&ga_sid=1592032047&ga_hid=150578195&fws=516%2C516&ohw=1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

08a225224ea632a3025993cee21f789b30e59a9693e97e62103f04c1fccead67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 07:07:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18366
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dailyrecord.co.uk
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
a.teads.tv/page/55334/ 485 B
664 B 87ms
87ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/55334/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.dailyrecord.co.uk%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&page=%7B%22id%22%3A55334%2C%22placements%22%3A%5B%7B%22id%22%3A60379%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A800%2C%22height%22%3A450%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A230%2C%22status%22%3A23%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3A1%2C%22cmpId%22%3Anull%7D%7D&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&formatVersion=2.22.61&env=js-web&netBw=9.7&ttfb=128
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f133d3ed8246e92d4b8d78545a2ec1d451aaaa8737e5baa19f73da98a0d56f79

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:30 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.dailyrecord.co.uk
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 338
expires: Sat, 13 Jun 2020 07:07:30 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1592032049960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1592032049960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

43 B
589 B

27ms
27ms

Image
image/gif

104.121.152.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1592032049960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=54274073&cs_ucfr=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.121.152.36 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-121-152-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1592032049960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=54274073&cs_ucfr=&cs_ak_ss=1
Pragma: no-cache
Date: Sat, 13 Jun 2020 07:07:29 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=2431055812304490&bg=!JySlJDxYegUs-GeuUugCAAAAd1IAAAASmQF98sHD03hu0uSTxrMGXvyQC-EhmOjnGweF-dJl0WvNuTtPNHC5ER4suSJdzhAo7dj_ZeFTc91N3FdGhd0RvuZAQaXqxRFfb9LKkiGYUrtIWNMh6aFyExNCgI_KFhhJTC5osst1AUIE80X8V5xmpi9C0POx7WufOlThxyu1NC89he3n3Xbkpuy5z1xUOypzdT98bGTgvV7Buzf5TC2mB6qTFHzx6ViXobqDRV9PT7njp8YQo0yxlBimt21XmdBy9vaXlNYF50zEuvysX59Vp7ylmjSIzLdrCpVhKYUeDw_amilrfhrsfGuoqG8lxSunIFocW8BYPFWV8imRUwjFq6a8PzulRcEc1xlD3L25jXl_zWqEcR8jxfaR4vJJWn0yDL4BDnZ3yvdCtHVQr2ABtM-_KielIBkVb5OkyY0QuBVl7xVoaIjoZUfImhfjM7Vix1bPgE3gq9ecMzWcnvBfNkp7wHfx19jNiwRo5FS6QeW31VNB_SLkSYodEz2o8DTf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe
sync.teads.tv/ Frame 1B67 0
0 111ms
55ms Document
text/html 23.210.248.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=60379&gdprIab={%22reason%22:230,%22status%22:23,%22consent%22:%22%22,%22apiVersion%22:1,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&vid=0acde73e-1dd4-4e01-9e34-2b5ebce38539&1592032050053
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-12.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?pid=60379&gdprIab={%22reason%22:230,%22status%22:23,%22consent%22:%22%22,%22apiVersion%22:1,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=d228a7b8-9915-470b-89e4-54656191cdb2&vid=0acde73e-1dd4-4e01-9e34-2b5ebce38539&1592032050053
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1; tt_viewer=0acde73e-1dd4-4e01-9e34-2b5ebce38539
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 153
expires: Sat, 13 Jun 2020 07:07:30 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 13 Jun 2020 07:07:30 GMT
set-cookie: tt_bluekai=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sun, 14 Jun 2020 07:07:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2 200 container.html
550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 594F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 13 Jun 2020 07:07:27 GMT
expires: Sun, 13 Jun 2021 07:07:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032005272217000/ Frame 4DBE 202 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b349aeb34f1a4abd36db123427d3d0796dd9d8a7ffc6275a58ba6aa514c927dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 233621
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56223
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 14:13:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e09e1ec6a6946eb6"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 14:13:49 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032005272217000/v0/ Frame 4DBE 16 KB
6 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 233611
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 14:13:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 14:13:59 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032005272217000/v0/ Frame 4DBE 97 KB
29 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032005272217000/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 233608
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 14:14:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 14:14:02 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032005272217000/v0/ Frame 4DBE 4 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16153
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:38:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:38:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032005272217000/v0/ Frame 4DBE 48 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032005272217000/v0/amp-form-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 233604
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 14:14:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 14:14:06 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DBE 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27213
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DBE 295 B
369 B 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/bf9ae724b717d2d97334500c32b7d48937ddefa9f5faca2fcf2a791d702e7281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33250
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 4DBE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3975eb2cca3ffd80c403b01c99e4b26600b051988bf4826bc564bb3ebabda5d

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10803553629256829613
tpc.googlesyndication.com/simgad/ Frame 4DBE 36 KB
36 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10803553629256829613?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn1myK_rtNZ-FEtfcSrG5iptF6MmA

Requested by

Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc207451c6bb50eed613a78575e372e45f7e334e9c9f0f617573cf096195f632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:22:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Sep 2018 15:53:34 GMT
server: sffe
age: 63927
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36982
x-xss-protection: 0
expires: Sat, 12 Jun 2021 13:22:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4DBE 0
0 22ms
21ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkgkmpEHoosxS--DYfOvkIsyJAn_pKf8Jo5bnuoytodtyVgUDQbEz3aU76EO29cARNLY1TJp5G66SLmEUa7NkuEDKCTw
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4DBE 0
0 53ms
53ms Image
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cagz4MXvkXriLNJDH7gOE-ZvIDIvkp8Ndr4rflbMLuLGBr6waEAEgv_DEHmD1lc6B4ASgAfPX7YsDyAECqQI2l0hHf-KyPuACAKgDAcgDCKoEmAJP0EDFxKqMbVPZiFoLQmHrZx7Um23gtnEZtIi6_-Aj7JtJAFOChhIUtnYLGTx5Lt3uRLcNpeAhgssr6VO0qE6PhVXUEDDJziWhCybpz2ggp5kKpH7H7xbiVZ7nWtfP0N0wqtsNOjDZ6UrfZcTMBjUIvHx09hr2iiJNnSBNTpomZlV0y6NxPSqGwyErAC127TkTw7VeUt3AD2a8ZZAU4XlZ_Qvnu-QIn2QbyUyHVNrupbvyd_PZJcEdsHNMm2yACBasnvFiRbmdslBUhG6pzDPhVpc1Et5UMN5CJZhrowgS2O7jKKTgIrdxGZxR3ZO_5yPz9DpqlCvZ5e8nrdyLV6UHQWAT8LR640MeuEmrur7FPAHP2S9iSViPwAS7l5zd-wLgBAGSBQQIBBgBkgUECAUYBKAGAoAH0bPef6gHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCJrRjSCAcIgGEQARgdgAoDyAsB2BMN&sigh=xppfUA-ILQc&tpd=AGWhJmtr-ggjXYlexxuAv7LuVWwkaS3OiUyQaNj20YbZ_Y89Ww
Requested by: Host: www.dailyrecord.co.uk
URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7F00 42 B
109 B 15ms
15ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbQCwHKS9S4NNOkHu0XfDTsFTacChbdjndBHlR4ZRwTBQHsh2i7lHDPD5hcb715U4WgHo_QNnpzRALiNBV9OkwFUnTNTGcbGomo1VtJJq9BQ&sai=AMfl-YQ_hUuMtQa1uLCNGZMf-7j4uD22gkJq9DSJ1WkGiLK_hQT9AauXn6A5LINFeKB3JqnMW0ciBarUzjNz75Bph5WgWXaF_eoPoD_mBry4aA&sig=Cg0ArKJSzOSRAkZU6qZFEAE&id=ampim&o=315,10&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,0,1007,1007&tos=0,0,0,1007,0&tfs=888&tls=1895&g=100&h=100&tt=1895&r=v&avms=ampa&adk=2049136760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10803553629256829613
tpc.googlesyndication.com/simgad/ Frame 4DBE 36 KB
36 KB 8ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10803553629256829613?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn1myK_rtNZ-FEtfcSrG5iptF6MmA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc207451c6bb50eed613a78575e372e45f7e334e9c9f0f617573cf096195f632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:22:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 Sep 2018 15:53:34 GMT
server: sffe
age: 63927
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36982
x-xss-protection: 0
expires: Sat, 12 Jun 2021 13:22:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DBE 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 27213
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 13 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4DBE 295 B
364 B 6ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 33250
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 13 Jun 2020 21:53:20 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4DBE 42 B
107 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusNcorP3rh5hMxWly8CqFYTbGFT4VUYItkXGtDEdd_Y--_B6kHe0qMjQZ939v9VcofmuQf-WfCpjGOHZhatoFeTTfIuQlfxz5SxQzw9zxdv5new8tl0RukPqCvkfGTkKRskvglrMysaBRD0JJXlQ&sai=AMfl-YRtmCkfJMDGQHxQoHboWlWmov3wsZz4862TROPqYH00syh5NEV1bfhoqBXRBXGFKTHbUf1ThEr3TDniOEgNcxVjoLze8jRRe_ZFotEY9xwp6fXl6iQTSDENkOJp&sig=Cg0ArKJSzBoSh00Msh77EAE&cid=CAASFeRoA-w1-_3NGvyUfMqoADBiT4ZeNg&id=ampim&o=1425,310&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=146&tls=1146&g=100&h=100&tt=1146&r=v&avms=ampa&adk=2542031584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailyrecord.co.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jun 2020 07:07:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 113ms
112ms Image
image/gif 50.17.132.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=dailyrecord.co.uk&p=%2Flifestyle%2Fmoney%2Fnetflix-email-phishing-scam-targets-22179768&u=BTZSa_wFXkrBGcSNa&d=dailyrecord.co.uk&g=33715&g0=lifestyle%2Cmoney&g1=Linda%20Howard&n=1&f=00001&c=0.25&x=0&m=0&y=9942&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1024&t=HvzxbDB47YXC4n5bgZH9olTEL4D&V=120&tz=-120&sn=2&sv=DrKmWmDAd2oRDlFTJmBR-0l5CbqxE5&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.132.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-132-182.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 13 Jun 2020 07:07:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
151 B 101ms
32ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=90&profileId=154&cb=39901283180
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:35 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.dailyrecord.co.uk
timing-allow-origin: *
vary: Origin

POST
H2 204 csm
bidder.criteo.com/ 0
151 B 32ms
32ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=90&profileId=154
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Sat, 13 Jun 2020 07:07:37 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.dailyrecord.co.uk
timing-allow-origin: *
vary: Origin

Verdicts & Comments Add Verdict or Comment

338 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lijit.com/	1970-01-19 18:59:28	Name: _ljtrtb_26 Value: 5233f279-af84-4ef0-8aa9-1422dd11c5ac
.rubiconproject.com/	1970-01-19 18:59:28	Name: audit Value: 1\|NR2E5jXQ+nEjmkMcVrmpPwVVIZ460PJoVFepRc6zBtS9GfUpJWwi6cy/dDV4glBskFo1W/2NgsZBK03vAHceENBQIIuieds9bGKP5JWgi/d4ABzEOmn8T/uqk7fSYxrXrfC4CKgDel7PYkQjXu6gkc2O8qCVR0N4qoxmw57vRqc=
.lijit.com/	1970-01-19 18:59:28	Name: _ljtrtb_3 Value: 8cfb5ee4-7b26-4c00-864e-28202b9fb7a9
.lijit.com/	1970-01-19 18:59:28	Name: ljt_reader Value: ea49b6062f8efebe9ef259ab
.smartadserver.com/	1970-01-19 19:44:06	Name: pid Value: 4231625618746867216
.lijit.com/	1970-01-19 18:59:28	Name: ljtrtb Value: eJwVyr0KAjEMAOB3yWygTdM%2FN5HqIi4Hom5pr4FbDgdBUHx36zd%2FHyAHW9jvylTKeTncwnp6Pu7T8ZpLWOv78oIN%2FEdqWn3vjLFSQG7GYArckRIZqllrlDwqhXE9OacUM4omRu46rkhGy0TzbG3z0uD7A%2F%2BhIGY%3D
get-latest.convrse.media/	1970-01-19 18:59:28	Name: ConverseID Value: 40fb043e-3095-4d11-a2a7-11b099f3f13d
.amazon-adsystem.com/	1970-01-21 06:29:13	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-19 15:04:44	Name: ad-id Value: A0Ww_qm3-UGCpeN9efxeUHQ
.crwdcntrl.net/	1970-01-19 16:42:40	Name: _cc_cc Value: "ACZ4nGNQME0zM000M01LM0g0MjZNMzQ2NDJJMU60NDQzSUxMMjNnAIK4J9Vq%2F4GAnwEGpBteH5Bl%2FOTJ8J%2BRkWHrmpcCcPbD%2FYow9vSXCDUtB%2B4owdjnF89hYfzABGYfBrKZIOJQkb%2BfLdEENk5BU7L8TyGqwNmT6qgCl049YkMV%2BdBwXwBVZM76p9yoIjeAumDsc0cPMaPKtt96qwxjXwB5Aeqdy8%2FvwL35sesRXPzE4rPsMPaDb7cR6pcjsQ8g2KtPIdg7z93kh7GnPfysAmMDAOGLmpA%3D"
.rubiconproject.com/	1970-01-19 18:59:28	Name: khaos Value: KBDARQH0-1U-2KYR
.crwdcntrl.net/	1970-01-19 16:42:39	Name: _cc_domain Value: .cc.mirror.co.uk
.crwdcntrl.net/	1970-01-19 16:42:39	Name: _cc_dc Value: 1
www.dailyrecord.co.uk/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
.crwdcntrl.net/	1970-01-19 16:42:39	Name: _cc_id Value: 5f65a65ff0a235f13124d3a9164aab67
.lijit.com/	1970-01-19 18:59:28	Name: ljtrtbexp Value: eJyrVjJWsjI0tTQ2MjE0M7bQUTJC45uaoclD%2BEYG5qZGYL45hG9mbGZhbFELAIlfEC4%3D
www.dailyrecord.co.uk/	1970-01-19 10:57:04	Name: GS_GROUP Value: 2
.dailyrecord.co.uk/	1970-01-19 16:42:40	Name: _cc_id Value: 5f65a65ff0a235f13124d3a9164aab67
www.dailyrecord.co.uk/	1970-01-19 10:13:53	Name: _cb_svref Value: null
www.dailyrecord.co.uk/	1970-01-19 19:42:40	Name: _cb Value: BTZSa_wFXkrBGcSNa
.lijit.com/	1970-01-19 18:59:28	Name: _ljtrtb_56 Value: OPTOUT
www.dailyrecord.co.uk/	1970-01-19 19:42:40	Name: _cb_ls Value: 1
.dailyrecord.co.uk/	1970-01-19 10:13:52	Name: _gat_UA-110513849-17 Value: 1
.lijit.com/	1970-01-19 18:59:28	Name: _ljtrtb_23 Value: CAESEENiFY6nLtpZSGX9E6nbzVw
.dailyrecord.co.uk/	1970-01-19 16:42:40	Name: _cc_aud Value: ABR4nGNgYGCIe1KtygADLAxs29TBrDWeIJLxzAoQxfTnNpAEAI95Bw0%3D
www.dailyrecord.co.uk/	1970-01-20 03:45:45	Name: TM_ga_clientId Value: 108802521.1592032037
www.dailyrecord.co.uk/	1970-01-23 07:49:52	Name: reach_mrcv Value: 1
.dailyrecord.co.uk/	1970-01-19 10:15:18	Name: _gid Value: GA1.3.545948324.1592032037
.dailyrecord.co.uk/	1970-01-19 16:42:40	Name: _cc_cc Value: ACZ4nGNQME0zM000M01LM0g0MjZNMzQ2NDJJMU60NDQzSUxMMjNnAIK4J9WqDHAg0fD6gCzjJ0%2BG%2F4yMDFvXvBSAsx%2FuV4Sxp79EqGk5cEcJxr6weA4LjH35%2BR24msNI4h%2B7HsHZfz9bwpgnFp9lhwtvnAJXsvxPIYx59qQ6jHnp1CM2GPvBt9sIS5cjsQ8g2B8a7sM9Mmf9U24Ye%2FUphJqd527yw9jnjh5ihrGnPfysAmMDAMrHeAQ%3D
www.dailyrecord.co.uk/	1970-01-19 19:42:40	Name: _chartbeat2 Value: .1592032037341.1592032037341.1.DrKmWmDAd2oRDlFTJmBR-0l5CbqxE5.1
.dailyrecord.co.uk/	1970-01-20 03:45:04	Name: _ga Value: GA1.3.108802521.1592032037
www.dailyrecord.co.uk/	1969-12-31 23:59:59	Name: __enableGS Value: true
.dailyrecord.co.uk/	1970-01-19 12:23:28	Name: _gcl_au Value: 1.1.1679127877.1592032037
.crwdcntrl.net/	1970-01-19 16:42:40	Name: _cc_aud Value: "ABR4nGNgYGCIe1KtxgAD7AwMXDNADLZt6mCBNZ5gSpAdTBnPBZGMZ1aAKKY%2Ft4EkAAB%2FCJs%3D"
www.dailyrecord.co.uk/lifestyle/money	1969-12-31 23:59:59	Name: ruid Value: 4dfb1d5c-0e54-4d61-9c23-27c76bc49692
www.dailyrecord.co.uk/	1970-01-19 10:57:04	Name: GS_REVENUE_LOC Value: 2
www.dailyrecord.co.uk/	1969-12-31 23:59:59	Name: GS_RESTRICT Value: 0
www.dailyrecord.co.uk/	1970-01-19 10:13:53	Name: TM_PagesViewed Value: 1

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 66) Message: IX tag: scriptConfig [object Object]
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 88) Message: gsConfig [object Object]
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 88) Message: gsZone national
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 180) Message: iPhone/Edge Fix running...
console-api	log	(Line 2) Message: GCS triggered with account _6hstsnqgjpwwoaqquxjufyunxa
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/js/video.min.js?v=f9050d7d4045810705cf18c5b4279da5(Line 1) Message: VIDEO: feature video.ima3Version = 3
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/js/video.min.js?v=f9050d7d4045810705cf18c5b4279da5(Line 1) Message: VIDEO: Initiating bumper.
console-api	warning	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/js/video.min.js?v=f9050d7d4045810705cf18c5b4279da5(Line 1) Message: VIDEO: bumper not configured on this publication:
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-video/js/video.min.js?v=f9050d7d4045810705cf18c5b4279da5(Line 1) Message: VIDEO: component init - modVideos= false
console-api	warning	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/withnail/lib/prebid/prebid.js?v=ca530940770001d4a547a7fd3680a322(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.loadPartner]
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.init :placeholders: [object HTMLDivElement],[object HTMLDivElement],[object HTMLDivElement],[object HTMLDivElement],[object HTMLDivElement],[object HTMLDivElement],[object HTMLDivElement],[object HTMLDivElement]
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: property-search-container
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: partners-footer
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: weather-widget
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: takeover
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: crosswords-carousel
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: valpal-property
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: web-search-container
console-api	info	URL: https://s2-prod.dailyrecord.co.uk/@trinitymirrordigital/chameleon-partnership-widgets/js/partner.min.js?v=cb87fa025bf84e7d5163da4728022b34(Line 1) Message: [rps.partner.addTemplate :slot: haymarket-car-search-form
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 88) Message: fireGsLoaded: [object Event]
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 88) Message: fireGsLoaded: [object Window]
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 88) Message: fireGsLoaded: {"gs_channels":"bespoke_moving_house,gv_crime,shadow9hu7_pos_sky_blacklist,shadow9hu7_pos_tuibrandsafe,pos_danone_brandsafety_family,pos_danone_brandsafety_fitness,pos_danone_brandsafety_health,pos_danone_brandsafety_misc,pos_danone_brandsafety_society,pos_nov19_tesco,pos_omg_blacklist,pos_test_death,gs_tech_computing,finance_personal_finance,negative_tesco,gs_entertain_tv,gs_entertain_movies,neg_corona_virus_apr20,blacklist_vodafone,gs_finance_banking"}
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 88) Message: Grapeshot loaded event fired: [object Event]
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 76) Message: fireA9Loaded: {"isTrusted":true} 1
console-api	log	URL: https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768(Line 76) Message: A9 loaded: {"isTrusted":false,"data":{"A9Loaded":true}}
console-api	log	URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js(Line 455) Message: Selector not found: #onscroll-rev-580-1
console-api	log	URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js(Line 455) Message: Selector not found: #onscroll-rev-741-2
console-api	log	URL: https://get.s-onetag.com/1c70080c-ad0d-42a0-9959-21c14b15f917/tag.min.js(Line 455) Message: Selector not found: #onscroll-rev-741-1
console-api	error	URL: https://quantcast.mgr.consensu.org/v30/cmp.js(Line 1) Message: Error running pending call: TypeError: Cannot read property 'apply' of undefined TypeError: Cannot read property 'apply' of undefined at t (https://quantcast.mgr.consensu.org/v30/cmp.js:1:213115) at n.executePendingCalls (https://quantcast.mgr.consensu.org/v30/cmp.js:1:2343) at Object.<anonymous> (https://quantcast.mgr.consensu.org/v30/cmp.js:1:213495) at t (https://quantcast.mgr.consensu.org/v30/cmp.js:1:110) at https://quantcast.mgr.consensu.org/v30/cmp.js:1:497 at https://quantcast.mgr.consensu.org/v30/cmp.js:1:507
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : sureview global var already exists: false
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : sureview elems already exists: false
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : skin already exists: false
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : sureview instance loaded: true
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : setup running: true
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : adslots successfully defined [object Object],[object Object]
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : scale contents: false
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : apstag bids: [object Object],[object Object]
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : apstag targeting added to: div-gpt-ad-sureview-left-slot div-gpt-ad-sureview-right-slot
console-api	log	(Line 117) Message: [INFO] - (RCH) Notify event Sureview 2.1 : adslots successfully refreshed and displayed: div-gpt-ad-sureview-left-slot div-gpt-ad-sureview-right-slot
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'sticky' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'sticky' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'adEl' of undefined
console-api	info	URL: https://cdn.ampproject.org/rtv/032005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.dailyrecord.co.uk/lifestyle/money/netflix-email-phishing-scam-targets-22179768
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'adFreeEnabled' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'adFreeEnabled' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'adEl' of undefined
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'adEl' of undefined
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: TypeError: Cannot read property 'adEl' of undefined
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js(Line 6) Message: This ad's html cannot be accessed using the getHtml method on googletag.Slot. Returning the empty string instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
550ab063cec3546353419d0b6d544a51.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
ad.crwdcntrl.net
adservice.google.ch
adservice.google.com
ap.lijit.com
as-sec.casalemedia.com
aswpsdkus.com
audit.quantcast.mgr.consensu.org
bcp.crwdcntrl.net
beacon.s-onetag.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.exelator.com
cdn.taboola.com
clients1.google.com
connect-metrics-collector.s-onetag.com
cse.google.com
dfp-gateway.s-onetag.com
elb.the-ozone-project.com
fastlane.rubiconproject.com
felix.data.tm-awx.com
fo-api.omnitagjs.com
fo-static.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
get-latest.convrse.media
get.s-onetag.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i2-prod.dailyrecord.co.uk
i2-prod.mirror.co.uk
js-sec.indexww.com
load77.exelator.com
loadeu.exelator.com
mab.data.tm-awx.com
market-dev.s-onetag.com
match.adsrvr.org
mydmp.exelator.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.skimresources.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
prebid.adnxs.com
prebid.s-onetag.com
quantcast.mgr.consensu.org
r.skimresources.com
recommendations.data.tm-awx.com
s.skimresources.com
s2-prod.dailyrecord.co.uk
s2-prod.mirror.co.uk
s3.mirror.co.uk
s8t.teads.tv
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
static.chartbeat.com
static.criteo.net
static.quantcast.mgr.consensu.org
stats.g.doubleclick.net
stmg-prod.mirror.co.uk
survey.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
t.skimresources.com
t.teads.tv
tags.crwdcntrl.net
test-apis.quantcast.mgr.consensu.org
tpc.googlesyndication.com
trc.taboola.com
trinitymirror.grapeshot.co.uk
vendorlist.consensu.org
www.dailyrecord.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.skimresources.com
104.121.152.36
143.204.237.122
143.204.237.14
143.204.237.21
143.204.237.28
143.204.237.41
143.204.237.57
143.204.237.60
143.204.237.89
143.204.237.92
143.204.244.102
147.75.102.200
148.64.56.194
151.101.113.44
151.101.14.217
151.139.128.11
172.217.22.34
178.250.2.131
185.255.84.150
185.33.220.243
185.64.189.112
195.181.175.46
2.16.107.66
2.18.69.184
2.21.37.179
216.52.2.30
23.210.248.12
23.210.249.164
23.37.38.181
2600:9000:215d:2200:7:8699:e840:93a1
2600:9000:215d:2800:8:391c:bb40:93a1
2600:9000:215d:2c00:5:9a4c:9b00:93a1
2600:9000:215d:4a00:9:46dc:4700:93a1
2600:9000:215d:600:9:46dc:4700:93a1
2600:9000:215d:6800:1:af78:4c0:93a1
2600:9000:215d:7400:18:1fcd:34e:d2a1
2600:9000:215d:9000:1f:287:d20a:ce1
2600:9000:215d:a000:5:ae3a:ba00:93a1
2600:9000:215d:ae00:6:8c85:2540:93a1
2600:9000:215d:d600:14:75d3:e5c0:93a1
2600:9000:215d:e200:13:79eb:1780:93a1
2600:9000:215d:e200:1d:76ee:780:93a1
2600:9000:215d:fa00:a:52eb:a100:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2011
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:814::2001
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:816::200e
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2001
2a00:1450:4001:81f::2003
2a00:1450:4001:825::2008
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:26f0:c400:18d::36f1
34.246.59.179
35.166.33.82
35.190.59.101
35.190.91.160
35.201.67.47
35.227.208.151
35.244.246.232
37.252.161.190
50.17.132.182
52.211.110.107
52.212.41.149
52.48.201.53
52.49.190.28
52.49.48.237
52.58.195.54
52.95.124.170
63.33.80.49
69.173.144.141
99.83.181.31
00b552672d529da9cf1efdf260bd741f75071bcde6d704b1fb79ce33a00a67bb
00baf0d775f7f46bd10d130ca124b6418b161729729e4082cbe94815f3e50469
018446bdfd6745e64a05f7070ae7db701b18456af28615c1e1659229e5cf9641
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0497a0edf37536fc1e2a0dd666016601c3d3ea9f07e0a15e5b55d3b8e8499636
05e5aac9c7577a71687c7a2bd9fce9502a45aaf546cbaf9591bc05597ea1f321
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0718d0db2b4ff6e60fd63832ec2c63619998239ec3d3d4cfb13cda6c546ff17e
08a225224ea632a3025993cee21f789b30e59a9693e97e62103f04c1fccead67
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
092fbacba8e1d25cead8ec4d1e411bbb58b7a04b364f977df2acd757ea3f2a0d
093c67c7893b9830abb823443b276a726b56c582ccddbb4e5244ea81db8b3233
0a8edb7447c3f734d54fe12fc95526e25be58b39ffb9d0452c4103a87f397458
0d97c41835d960fccf7f52d251d08568b42bcca7431bf291cf5fe49489843afc
0e0d246e5ec8f5d77bc98e040409d417685b98c56fbf1b2115873067dc53fc64
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
0ebd5a3d7b30af391f972b0bc48d024993957291a40dfd5fa07d9c2d85655548
1032eb4fde545a8a200a7142d9663ea921460cf38158380c63cf7882508bf548
10b6315adbc64ad8b39a6e8b86b67b2c9243ae3bb36f5624c7bf82cebe5d2295
12b6257e0ee89bd931cc8f45f573ab9246e088b566cf92cdbf5c83e2d18e6792
131a3dbdfbbda75a29a1634bcafe261debf986bb86e5cc366b96a2b0e795fa07
17477e33dfef1fbbdbab9e310a02178033f318150dd0aeaebc04485cb3e04ce2
22cc94ba3019b5f435adce7d3247c84e8c0eab9ca8459ef682a83358063fbe8e
23304e9ae5b04a60edeb8a18d67e2de3a37fe961b02ee5d4db9a18493fd85641
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25cfba872cacb548bfbdae8fa7844ca5cb594625908870b4e58d52d6b3ceb578
27e9edbdc9e55d87ebb98e3597a41dc3c59cae0b51dfbc958acea55da31619fc
29372967df289fa9b0f0464b700484ccc136e16011e355fb7ce37d2ebbfdc22a
295ffa3610447b63201f7f2221e8c7447fa3448669bbd54d91971b2db12c2999
2aca73ab1ff7b041296a0d46f5624cd0dc4d52ad84c281eb142e20d95d47752a
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d1a32a4b77b02bb5ea68d84fcb19410866b78a14436fe30795a7c1f07484780
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f87bcfc6d8f137daa98657900b4f7b1747883c04aa972e41a0a1b8c698d21b5
31d3265ea9adc1f960a508df98f45e26ff87e5aa62120611867c4d2989bbf36f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3405c44f4d522d4b713e969649a37c5462a777d9e681cae83d769acbf1f69ee5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
366bd5f1da58b8383f819a05a617e0aff0bfb4afcbdb473c4042e7f53dc1a877
36e0ccb67e21e833e75e1fe8bd86f85452a1a3985835fd4ae463a65a94819570
382bd0b6cfa1f0eea0e430fc6542658c934bbedbb7e79f3f802ff4f5c71484df
393782e32b96118b0a5418afd1436db2daa9ede0b11ab1dcd5960770efac41ea
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a2b5aedab6d8d1c405b309e966859cc6f9f836039b5b4999d15dfc25307e8b4
3ad1b362ceb4eb927eae789dc6c37b5030ef34de85c9ade872d4c41308d51940
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e58593c8dbcab546040b58fd0eb222de4f12e31c59fb8579c019aabb2402127
40d721ae9f1a9c9473bc126cdf38ca932b4d64519255ebad138a0383d10d6167
410b2091edb9c9e149d2d72875774b82ff6cced566193cf3fecf3c2745b1b63d
447bc3d208c00eb034b6628cfd19d92eb2b4808cbeab6ba0894493556ee2cf37
460b42d997671850a0ae86ce54e3a3aa6b0957ea3e76f8706d2c9fce2b8a894e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
471601c6f26cb310a486c68ba879020f04018ecad50b53ccbbe15f2b52c9386c
48e300004ce557bdf313b88d22a0dc3a7492a4933fc137b59de6c221f0d2285a
49a07a1348273750d65f44c8fd6270fc7c4777e2bbb2ed30bf4df9a00f749250
4b1b0d5371227e80401ec8897cfe4fd1b06eba15ac9755c05344e5276c4db41c
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
4fb358793e029f7706ae6c789aacbc968440b680a5843b4267b292928bdccb8b
50a8242d610c1de30061dc986f9631aa096449a677ec9012e51fbb60eaffe756
520059d75ddbc4bc6f1cbd6fa915cd1ddc20787998096f52dfc241ab52442e38
528e385935c819a43a8408d26c6a559def4d21dafb24d2c6fe3de1b300f15ba1
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
5916b5490f3356df0c6fcbaabee029b32aef2ea81c3d798dd665e4b00bf8e940
5b9efc7f39d120fb5d68a1963c4f04b730160daba6a9957b3501ce8385e1a236
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d221443587e5750f659d8639389fcb80ec8a16e4a281d695f3bf1f0dfaff496
5d26fead64e2e8f5e20c71220a13de853dbb338bf4858deca1f930832ca7c1d0
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
60dc8cc2e30cc529e06aab5920c0be3df93d31e867c59d6f1b7a175747442478
61bc0ba6055f00b8c5ec4629426a4c74649a95e698fb247abdb4b7024733cb5d
63bc04020edd0a6ba2712205585a8060b2a4acc76e7030c7637696a1639a6a4c
6577da8128359a4e153e07faf38fdb6c97e9baadda3332f5e645a8657403b7fe
6643e620d05195621f624a26a3fa707d29ba32f660d93a5faa9316c81601e0d9
67218cedf3fe2e9c5f13da640d16d5326b6b338665306e3282c77b27d9300f90
6808ddc10992310de1c9cf6f7ac0141ee82a8c5c4bf6aededc5d22d31b625468
68a6c91fc7525fa5e2d4186dcb795dfc9fd83b756e76fc64bd002de2c1fb47e9
68c6064599a0912d0565717d68a2dc6823c8027f23a70cb3711d4aa220e6672f
69a1804eb96f89103306eeb1a2e6ed67c0d3ef8033cfb4ca60319632dff1fb55
6ac40c23593f2ad113a6637a84d871eea68184f776ad562abcd11a361998ec8c
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
6b1f3b6e8f8bfbdf8c30524544c8b844f42f72a16da547af9b3793488f4ced0d
6dec0ed08c7bac90c1992dfb027cda08a26d05dfd999ccdbf9544015970473d5
6e824c99b2238120da03043a30d88523accdc1bfbfd02675dfd6fabd3da26f65
70be97aca4d51cee33d2c99813afa0ca5391310d842a28cb24fdd6444e8606f9
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
739a597c609c2742d766d594897848f9f4ea265958ba4c3ad5ec7f5df50e553b
74e84d8054b86afae6e96fad6fac10e942dd44b7088e1793d746a03df22dffbc
75f214d38e43d6ae693d22faee11dd261c81eab907a0556ed96b62a4d675082c
77e7dea035cee556dca30d07683ec868b48533f18a35351e8b2dbb946ecf888b
794cd1eb86d8df593d409db3e63f6689a321c0b98bdaf25800d585debcbda715
79c1520e7557e79eecd5660e05116de0bedf3cfa5ca2dffc65b4893079667705
7a6e23f5abe1c13ec092970fd2afcb591deffc77017c3807f9f32c02323a0edf
7a98dd4ea2da59338b228ae8fed2db4c8ff81c9492a5f194dd03c07e2a2af0a9
7b7df1fe145bc0520d8350763888d07e583000e9d23e1eec3cce27baf3cc5d4c
7ba2a6df40f86067fce719174d658327b5618e9c8040dc4000a19e829e9a1f06
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7c5e090ff76ca7d7aebe407218c97234cc43122977602ed8d7f7390ab35c67bf
7d2d1f9c78d8c0755bb8830fd20121d6d05c949c89b20536a89b6643f748c600
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff1ee156f59fa04667d7c224879cfa3e5d1232ae503f90d886ec9caa2e590b9
828af7c38e27bd1b64a260e16f9864e4658b0c41ab950e6d54148deea44489c8
82e38e9b679e923a3974c70193888cabca666dea15e0ca687cb4b92f891fa400
845ea0103af2e2a6c2b0d9459ad7cca232c9d239811347d0dd40f93eb4769b42
846173d3eac3f1354c1f9ba546df4e5210f842d5505cd8a3c6852a92ff645d16
8550c09fa6c94bab41c3dbd09a184ac7036e54a945bf66b640950f01dcbf4bb2
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
8650a0c2daaa3931b59aa8cf8796cec91ff8ae9516d62310e0ac8029303a12f7
8684e47b4acd7613e0eb5f753821b07b58c107d181ddaea696e7b5d5beceaa06
8ab118887020a0ac973965df1edcd5cf61cba0e68c743ab195062f06b8f23d0b
8b0d879dc2c82128fbe5e071e5034ca14f14afca1794c295f43ca3ac14b12a3a
8d609d64bce01f1abb1d78e7fa19e57673338feebfbe9d14bc0ef117ff14f401
90f62d86d565d683cd8e9d55498f3e42dbbb33deb4211c86aec9bd63352bfcda
917a70cc805a0f7f68f44cc16dcb3fe7a805a2b052a02c352385256afa578213
9207aa3b28f1aff72041285132eb7375c35178fdce724c478fe50e4773d35453
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
93c5809a50d386dad38d1f9eccdc910485c337a93ed931fae7d4da8ccaddd1bf
961fec356326dc582ad3eb30f75f2728df9eed5062bfdf0b78b655865d5b3859
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
9b9e577c830fff834a00a186c3eda63e717eecf8a2e21bc6350b1108e1893e2e
a01d87c76bf59e963b5b7a365e198568c84a1be7f0ddb8c4c5bbfe64a03e6ed9
a117a519c3759923d441bd98375e82689a20f9a0c9d53ac6a8d25820f6695cff
a14e1b1d6c2cd5076fdb2a0f409800004c6c63e5990967b997f30d31639c5d52
a187f330d97d925da831e60a57fba514490f9d432fae70ed0a76a6be4bde5384
a18e27150bad800092a4a85606b401f494c5625c8fdfd46cb66190328fb8c32e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a50f20ecac24eeea05e7fc20c4f5d20b5075e061fd067d1f956e424fe010dcf2
a5eabf2fd7f20bf65c0f51733b5305747cd5744ff763f102c590ad4c38ec672b
aa5e4b4b8bdb490c10b25b5e4fdd5762748fb3d9778bf19f6bfba04da4ba73dc
ab0424f61753a45ef134bd976fbff813efd67a7527a7a59a719892c609cf25be
acdc5156b79d6a7cbbfc4cbcf30503dc265140379991a910570267d34afa2a2e
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
ad25613558e2ab513ed517de8b22c470db976ae72dbe1ee9fae7cbc459f80c5b
aea6a1cba8f14ad8d11b44f1ab102831768abefa9f33e8dbb496450df730537a
aee1ccc0e624d816da37526f0b2e076a8df9f67c01783f15f0cd559ec102d9d1
b340f7aa45532eca0b528fd76046080366160187caece4a41aeb6a123375575c
b349aeb34f1a4abd36db123427d3d0796dd9d8a7ffc6275a58ba6aa514c927dd
b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b
b3975eb2cca3ffd80c403b01c99e4b26600b051988bf4826bc564bb3ebabda5d
b8ea4de8db74339641aa83cd6c1156f73204feda3c28a3d16ee45f141aef1a23
b9905f654e7d20756eb71bb3bce2178e57a0bced39fa8fef3eee5fd84165f842
b99ab5d94cc8955572da9cc1bbed01b16fdf8890ee476c7e5079661df405a81d
b9f0d58ddcf0a9a72f6d42c19381b0f2c8b32989c3110766cb1434a5842f3205
bbd1a8c569dd09a62ccb062291f531437a53ab50e4ae17dfa09ae31cddcfdde4
c11c266b63110c084a21a7c87d01a6549135ed4374e456cd06f151c34c96280e
c1de98814d884fb5c1517d830f19faaaccd02ce3b2e8b6d287003526de2d76ca
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c59469cb40c4f1cd045bd712d0ce1c81be9206daee2ba0446de08ed840b30fec
c67a61e1b0fba92866f365feba31d30f18c4611f0a014555a2f6fae6b8787fb7
cb34f0fba21508c6a25591b4b8d2c047ee80308a96db5df1f8d92ce9ea9f0a20
cd9c3635083c8ead6ad60951394d9ac2c4d595752fee198c18c76933f96694e0
ce71514a18261fccf38899c4c0e7d0e6ef7e3d58fb95a33080daedf0aa121eb9
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03b9553250bd018534018d1b22c3424fd6196dafd34140bf51beaf49462cb2d
d3779693716da4a4af3fdafacfc8436ad6379c5d52018745f2d8f3feec554de2
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
d399dd5d2d6718a32ecef9aad73d3a799d901c8781b03d516506de2cd3be30c5
d6083f51eff86e276d1de3f2e3e5b11870d5e7364847d805f00f5212d9a4ccf2
d7afa3084c1e9a54ad88b9f286de1c12cde478db30f038e3195a4a0b81eeb5d8
da025929fd8c4807489a75309ac6e9a9b532ac003597c3eab0ea8a93db94a4e2
db08613227deb40f1511d9ed15611099d13f063a3a522876293e0d4ce19c1704
dbeaf69a839b61144f0e8dea7615ee9f58ff70c7831aeed720eee504ea2eb117
dc207451c6bb50eed613a78575e372e45f7e334e9c9f0f617573cf096195f632
dcdab10c6c0aa2cc2c1682f7437e2542a4aa0a24ae149b3b5aa53f9be31e84cf
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9d032466d0417c4766f685738c484e83c3c0005729dcc4d633a2d4407f598e
ddfd54fa6430a6c1fa867953c7ba8ba90bc7bbe513eca5dcd9a787beb4490a14
df464f66f7711e3a3928628776f852d893cf51edbc3acb5b6cf44644e19f6ae5
e13e1529ccd916eb1fe71ef9133bc5411393668d93e244d640648964362b6c7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49732f7a66d919109248f87b59c6241afcf0b111cbe3e2f78ea9f9a03af219f
e7fe829bdf420d873a3ecca4f9df43e163035a5078fec4080c5bfba542f2967f
eab5593abd1540432ae819c9b55c7b6ae8c1102ac24ed8147edc35b5c289d46a
eb64d771cc384b57252f841b1a7da0ff67e00565636fba5bcb418fc3666f6436
ed57410b6d3577ae079759ca23479e4b44f02b6e0042fb56cf08b3904dc3fa70
ee1c2fc8fc212af2c8b90a2f38500ba6504e6b7dbbee273ab68b69edc4b3b1b9
ef0a6b8c109295b5ed81636ac4dc92964b3acea80ff6c9fec350bac373c6b5a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f133d3ed8246e92d4b8d78545a2ec1d451aaaa8737e5baa19f73da98a0d56f79
f24c6ab70eedf81ac07a3f6df1f903a18dd4896c50ac88caad6d859cee9d28b2
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8ac6488e7b74d5c1b535b9426af67ca89bdf6a0fabe942a5be592d0f2c8d057
f9bd3b3647e2e8cb13e52f5f3b360028ed217b3e56aabf06a538532f29779017
fc29f8a36dca6e08d498e7f017e578a596e7a5f320a55a171075890f5f586bee
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd0771e0df938e4168648725189569facd2c0f52bfb0bedf0587c041d420796b
ff42cd317dd51632421aa3db6f27857ca17f63370002c8c99704b90e92c043d6
ff50609c9bd236583a9ea74532ce62666d8752355baa19e3fa298344b97d9716
ff7efbed2c557b5ba4df1dcfd303c7b8e276bfb27dc87a8241f227e25ac40fa9

www.dailyrecord.co.uk Open in urlscan Pro 143.204.237.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

305 Requests

100 %HTTPS

41 %IPv6

42 Domains

90 Subdomains

80 IPs

9 Countries

4425 kBTransfer

11454 kBSize

38 Cookies

27 Outgoing links

Redirected requests

305 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dailyrecord.co.uk Open in urlscan Pro
143.204.237.57 Public Scan

Screenshot
Live screenshot

Full Image

305
Requests

100 %
HTTPS

41 %
IPv6

42
Domains

90
Subdomains

80
IPs

9
Countries

4425 kB
Transfer

11454 kB
Size

38
Cookies

305 HTTP transactions
8 data transactions