www.theguardian.com Open in urlscan Pro
2a04:4e42::367 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Submission: On November 09 via api (November 9th 2023, 8:57:48 am UTC) from DE — Scanned from DE

Summary HTTP 78 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 78 HTTP transactions. The main IP is 2a04:4e42::367, located in United States and belongs to FASTLY, US. The main domain is www.theguardian.com. The Cisco Umbrella rank of the primary domain is 13125.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on September 22nd 2023. Valid for: a year.

This is the only time www.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	2a04:4e42::367 2a04:4e42::367	54113 (FASTLY) (FASTLY)
23	2a04:4e42:400... 2a04:4e42:400::367	54113 (FASTLY) (FASTLY)
11	108.128.221.27 108.128.221.27	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.111 151.101.1.111	54113 (FASTLY) (FASTLY)
2	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
78	6

41 2a04:4e42::367 (United States)

ASN54113 (FASTLY, US)

www.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sourcepoint.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a04:4e42:400::367 (United States)

ASN54113 (FASTLY, US)

assets.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sourcepoint.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contributions.guardianapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interactive.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.128.221.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

ophan.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.111 (United States)

ASN54113 (FASTLY, US)

discussion.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	guim.co.uk assets.guim.co.uk — Cisco Umbrella Rank: 19800 i.guim.co.uk — Cisco Umbrella Rank: 14972 interactive.guim.co.uk — Cisco Umbrella Rank: 23015	688 KB
26	theguardian.com www.theguardian.com — Cisco Umbrella Rank: 13125 ophan.theguardian.com — Cisco Umbrella Rank: 17887 sourcepoint.theguardian.com — Cisco Umbrella Rank: 20708 discussion.theguardian.com — Cisco Umbrella Rank: 35476	203 KB
3	guardianapis.com contributions.guardianapis.com — Cisco Umbrella Rank: 20582	38 KB
2	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4421	2 KB
78	4

	Domain	Requested by
41	assets.guim.co.uk	www.theguardian.com assets.guim.co.uk
13	sourcepoint.theguardian.com	assets.guim.co.uk sourcepoint.theguardian.com
11	ophan.theguardian.com	www.theguardian.com
3	interactive.guim.co.uk
3	contributions.guardianapis.com	assets.guim.co.uk www.theguardian.com
3	i.guim.co.uk	www.theguardian.com
2	cdn.privacy-mgmt.com	sourcepoint.theguardian.com
1	discussion.theguardian.com	assets.guim.co.uk
1	www.theguardian.com
78	9

This site contains links to these domains. Also see Links.

Domain
support.theguardian.com
profile.theguardian.com
jobs.theguardian.com
www.google.co.uk
holidays.theguardian.com
theguardian.newspapers.com
puzzles.theguardian.com
licensing.theguardian.com
www.wordiply.com
www.facebook.com
twitter.com
partner.booking.com
www.linkedin.com
syndication.theguardian.com
workforus.theguardian.com
www.youtube.com
www.instagram.com
advertising.theguardian.com

Subject Issuer	Validity	Valid
theguardian.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-22` - `2024-10-23`	a year	crt.sh
ophan.theguardian.com Amazon RSA 2048 M02	`2023-05-30` - `2024-06-27`	a year	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Frame ID: 87BFCA9CE8C8542598371B507E0E1290
Requests: 65 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?message_id=882219&consentUUID=null&requestUUID=5e2b8ecc-5ed9-44ea-b86b-1d9a36bbf4eb&preload_message=true&hasCsp=true&version=v1
Frame ID: 4B0B3A6C23F0628DF3C2C050013B38FC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com customers targeted by scam ‘confirmation’ emails | Scams | The Guardian

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

78
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

9
Subdomains

6
IPs

2
Countries

931 kB
Transfer

2036 kB
Size

5
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://support.theguardian.com/subscribe/weekly?REFPVID=loqyhftwo9gc0tkezj7j&INTCMP=undefined&acquisitionData=%7B%22source%22%3A%22GUARDIAN_WEB%22%2C%22componentId%22%3A%22PrintSubscriptionsHeaderLink%22%2C%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22referrerPageviewId%22%3A%22loqyhftwo9gc0tkezj7j%22%2C%22referrerUrl%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%22%7D
Title: Print subscriptions

Search URL Search Domain Scan URL

URL: https://profile.theguardian.com/signin?INTCMP=DOTCOM_NEWHEADER_SIGNIN&ABCMP=ab-sign-in&componentEventParams=componentType%3Didentityauthentication%26componentId%3Dguardian_signin_header
Title: Sign in

Search URL Search Domain Scan URL

URL: https://jobs.theguardian.com/
Title: Search jobs

Search URL Search Domain Scan URL

URL: https://www.google.co.uk/advanced_search?q=site:www.theguardian.com
Title: Search

Search URL Search Domain Scan URL

URL: https://support.theguardian.com/eu/contribute?REFPVID=loqyhftwo9gc0tkezj7j&INTCMP=header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE&acquisitionData=%7B%22source%22%3A%22GUARDIAN_WEB%22%2C%22componentId%22%3A%22header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE%22%2C%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22campaignCode%22%3A%22header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE%22%2C%22abTests%22%3A%5B%7B%22name%22%3A%222023-09-20_EUROPEHEADER_TEST__EU%22%2C%22variant%22%3A%22V1_EUROPE%22%7D%5D%2C%22referrerPageviewId%22%3A%22loqyhftwo9gc0tkezj7j%22%2C%22referrerUrl%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%22%2C%22isRemote%22%3Atrue%7D&numArticles=0
Title: Support us

Search URL Search Domain Scan URL

URL: https://support.theguardian.com/?INTCMP=side_menu_support&acquisitionData=%7B%22source%22:%22GUARDIAN_WEB%22,%22componentType%22:%22ACQUISITIONS_HEADER%22,%22componentId%22:%22side_menu_support%22%7D
Title: Support us

Search URL Search Domain Scan URL

URL: https://support.theguardian.com/subscribe/weekly?REFPVID=&INTCMP=undefined&acquisitionData=%7B%22source%22%3A%22GUARDIAN_WEB%22%2C%22componentId%22%3A%22PrintSubscriptionsHeaderLink%22%2C%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22referrerPageviewId%22%3A%22%22%2C%22referrerUrl%22%3A%22%22%7D
Title: Print subscriptions

Search URL Search Domain Scan URL

URL: https://holidays.theguardian.com/?INTCMP=holidays_int_web_newheader
Title: Holidays

Search URL Search Domain Scan URL

URL: https://theguardian.newspapers.com/
Title: Digital Archive

Search URL Search Domain Scan URL

URL: https://puzzles.theguardian.com/download
Title: Guardian Puzzles app

Search URL Search Domain Scan URL

URL: https://licensing.theguardian.com/
Title: Guardian Licensing

Search URL Search Domain Scan URL

URL: https://www.wordiply.com/
Title: Wordiply

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theguardian
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/guardian
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=180444840287&href=https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%3FCMP%3Dshare_btn_fb

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Booking.com+customers+targeted+by+scam+%E2%80%98confirmation%E2%80%99+emails&url=https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%3FCMP%3Dshare_btn_tw

Search URL Search Domain Scan URL

URL: https://partner.booking.com/en-gb/community/other-discussions/there-are-hackers-sending-message-our-guests-payments
Title: complains Hotel de Colegio.

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?=title=Booking.com+customers+targeted+by+scam+%E2%80%98confirmation%E2%80%99+emails&mini=true&url=https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%3F

Search URL Search Domain Scan URL

URL: https://syndication.theguardian.com/automation/?url=https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails&type=article&internalpagecode=money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails
Title: Reuse this content

Search URL Search Domain Scan URL

URL: https://workforus.theguardian.com/
Title: Work for us

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheGuardian
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/guardian
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/theguardian
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://advertising.theguardian.com/
Title: Advertise with us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bookingcom-customers-targeted-by-scam-confirmation-emails Show response
www.theguardian.com/money/2023/oct/23/ 294 KB
48 KB 100ms
27ms Document
text/html 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca7c678c52860dfd12bb6cd288c8dd518bef87d9f6418c48f7ecfd4247157091

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 753
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private,no-transform
content-encoding: gzip
content-length: 47356
content-security-policy: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 08:57:43 GMT
etag: W/"hash-5563424280068819120"
feature-policy: camera 'none'; microphone 'none'; midi 'none'; geolocation 'none'
link: <https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/frameworks.web.2fd8146acb8ccbee8a8b.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true>; rel=prefetch,<https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true>; rel=prefetch,,<https://assets.guim.co.uk/>; rel=preconnect,<https://i.guim.co.uk>; rel=preconnect,<https://j.ophan.co.uk>; rel=preconnect,<https://ophan.theguardian.com>; rel=preconnect,<https://api.nextgen.guardianapps.co.uk>; rel=preconnect,<https://hits-secure.theguardian.com>; rel=preconnect,<https://interactive.guim.co.uk>; rel=preconnect,<https://phar.gu-web.net>; rel=preconnect,<https://static.theguardian.com>; rel=preconnect,<https://support.theguardian.com>; rel=preconnect
onion-location: https://www.guardian2zotagl6tmjucg3lrhxdk4dw3lhbqnkvvkywawy3oqfoprid.onion/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails
permissions-policy: camera=(), microphone=(), midi=(), geolocation=(), interest-cohort=()
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-gu-dotcomponents: true
x-gu-edition: eur
x-gu-frontend-git-commit-id: 3671d15620a8b8015f2f9c44dc068094d92e8430
x-timer: S1699520263.194430,VS0,VE16
x-xss-protection: 1; mode=block

GET
H2 200 polyfill.min.js
assets.guim.co.uk/polyfill.io/v3/ 0
884 B 37ms
22ms Other
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
age: 759475
detected-user-agent: Chrome/119.0.0
x-cache: MISS
x-gu-debug-url: /v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
server-timing: HIT, fastly;desc="Edge time";dur=1
content-length: 148
x-served-by: cache-fra-etou8220102-FRA
referrer-policy: origin-when-cross-origin
x-timer: S1699520263.243162,VS0,VE16
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 frameworks.web.2fd8146acb8ccbee8a8b.js
assets.guim.co.uk/assets/ 0
21 KB 20ms
6ms Other
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/frameworks.web.2fd8146acb8ccbee8a8b.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: WCjldkHlTHotdEo4RkkbGLyXKjDunQec
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 88VTYQKDSKPQ6X3D
age: 1884322
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/frameworks.web.2fd8146acb8ccbee8a8b.js?http3=true
fastly-restarts: 1
x-amz-id-2: 4/PPODpFP6iHP5eDj8hcY3x97oypogcJ52bhWGEY8oknZpd5Le4j5eoVEsgHx8RtQSObL4la218=
x-served-by: cache-fra-etou8220102-FRA
content-length: 20781
last-modified: Wed, 18 Oct 2023 13:30:31 GMT
server: AmazonS3
x-timer: S1699520263.242997,VS0,VE0
etag: "a940dc59a20564c3a981601b2413f51f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 23737

GET
H2 200 index.web.627cd0002c4ebb8f8266.js
assets.guim.co.uk/assets/ 0
37 KB 19ms
12ms Other
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: UsnbtPo.UTPVi0FxD1B17Tu65pITxU6H
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 1XH2ZVSS92P4CWQ9
age: 77462
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/index.web.627cd0002c4ebb8f8266.js?http3=true
fastly-restarts: 1
x-amz-id-2: RU7dyZ5y5KypBQCJ2F+XmQS5XjSdtau2XeyC1HTf/gTZ3InG1dB6iBlCwm4SSGTW0ob4PxRKLCYgWLwweSrxxQ==
x-served-by: cache-fra-etou8220102-FRA
content-length: 37820
last-modified: Wed, 08 Nov 2023 11:25:06 GMT
server: AmazonS3
x-timer: S1699520263.291478,VS0,VE0
etag: "4dea16666387028846e2599c0316e99f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1206

GET
H2 200 graun.standalone.commercial.js
assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/ 0
84 KB 19ms
12ms Other
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 4dKfqjiil5gYiPotSpF.ruUWG1nI7lq4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 9ZN8EGH58EH1D2X1
age: 684970
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true
fastly-restarts: 1
x-amz-id-2: QpWskg59ovho5mdJquYV3Cd97/EyowcioIzr6bzWx5PzaO2k+yGTt0cAmSGctu+Id/NI2MfXCH6LljLke2MDNw==
x-served-by: cache-fra-etou8220102-FRA
content-length: 85070
last-modified: Wed, 01 Nov 2023 10:37:43 GMT
server: AmazonS3
x-timer: S1699520263.291457,VS0,VE0
etag: "1fd886ab4677cd6bbeae306723209e4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6417

GET
H2 200 GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 16 KB
17 KB 67ms
17ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 9AZAT6Y8FKKXANYH
age: 23475408
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: 86QGrXZzIdSg76ZMkfER3s/+GFm1dZajFVVtJgFms9/hma8IAwm13eKhuJLueHK1PjP9N4wMeyA=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 16492
last-modified: Fri, 10 Feb 2023 15:45:10 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.273431,VS0,VE0
etag: "f5d54732577509c40f5a5a47f47aeab5"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 16481

GET
H2 200 GuardianTextEgyptian-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 16 KB
17 KB 71ms
21ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: NppmnaNT0.flIJWpyurLSQmcrEPnbJ4q
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 91ZRTWCETB4XKBJ6
age: 1937724
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-Regular.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: g8kaJKT9j+g+Y0ny8ZshjuE95iNorN20xGgOzDlrHWExmq4Jfs4efXfv84gc4UD70lTwCEIjFb8=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 16792
last-modified: Fri, 10 Feb 2023 15:45:04 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.273674,VS0,VE0
etag: "66184690aa8f829b88f8d7b855ec63fd"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 15018

GET
H2 200 polyfill.min.js Show response
assets.guim.co.uk/polyfill.io/v3/ 165 B
221 B 23ms
11ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
age: 759475
detected-user-agent: Chrome/119.0.0
x-cache: HIT
x-gu-debug-url: /v3/polyfill.min.js?rum=0&features=es6%2Ces7%2Ces2017%2Ces2018%2Ces2019%2Cdefault-3.6%2CHTMLPictureElement%2CIntersectionObserver%2CIntersectionObserverEntry%2CURLSearchParams%2Cfetch%2CNodeList.prototype.forEach%2Cnavigator.sendBeacon%2Cperformance.now%2CPromise.allSettled&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1&http3=true
server-timing: HIT, fastly;desc="Edge time";dur=1
content-length: 148
x-served-by: cache-fra-etou8220102-FRA
referrer-policy: origin-when-cross-origin
x-timer: S1699520263.291047,VS0,VE0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 frameworks.web.2fd8146acb8ccbee8a8b.js Show response
assets.guim.co.uk/assets/ 54 KB
21 KB 72ms
22ms Script
application/javascript 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/frameworks.web.2fd8146acb8ccbee8a8b.js?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a598b602a4d6e69b5a7d58f399bccbc9c1b78e778b21d3807a3524a998dedd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: WCjldkHlTHotdEo4RkkbGLyXKjDunQec
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 88VTYQKDSKPQ6X3D
age: 1884322
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/frameworks.web.2fd8146acb8ccbee8a8b.js?http3=true
fastly-restarts: 1
x-amz-id-2: 4/PPODpFP6iHP5eDj8hcY3x97oypogcJ52bhWGEY8oknZpd5Le4j5eoVEsgHx8RtQSObL4la218=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 20781
last-modified: Wed, 18 Oct 2023 13:30:31 GMT
server: AmazonS3
x-timer: S1699520263.273898,VS0,VE0
etag: "a940dc59a20564c3a981601b2413f51f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 15870

GET
H2 200 index.web.627cd0002c4ebb8f8266.js Show response
assets.guim.co.uk/assets/ 109 KB
38 KB 63ms
13ms Script
application/javascript 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94fe0d2285c389753c3edb6b831060fb9ad11e0901eec47217cff7f281cc037b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: UsnbtPo.UTPVi0FxD1B17Tu65pITxU6H
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 1XH2ZVSS92P4CWQ9
age: 77462
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/index.web.627cd0002c4ebb8f8266.js?http3=true
fastly-restarts: 1
x-amz-id-2: RU7dyZ5y5KypBQCJ2F+XmQS5XjSdtau2XeyC1HTf/gTZ3InG1dB6iBlCwm4SSGTW0ob4PxRKLCYgWLwweSrxxQ==
x-served-by: cache-fra-eddf8230024-FRA
content-length: 37820
last-modified: Wed, 08 Nov 2023 11:25:06 GMT
server: AmazonS3
x-timer: S1699520263.273068,VS0,VE0
etag: "4dea16666387028846e2599c0316e99f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1197

GET
H2 200 graun.standalone.commercial.js Show response
assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/ 270 KB
84 KB 23ms
11ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c1ea16238eb84736874d79a7c0878e8702d5fb329a6d9cf0c0caaef9d5fbdb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 4dKfqjiil5gYiPotSpF.ruUWG1nI7lq4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 9ZN8EGH58EH1D2X1
age: 684970
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true
fastly-restarts: 1
x-amz-id-2: QpWskg59ovho5mdJquYV3Cd97/EyowcioIzr6bzWx5PzaO2k+yGTt0cAmSGctu+Id/NI2MfXCH6LljLke2MDNw==
x-served-by: cache-fra-etou8220102-FRA
content-length: 85070
last-modified: Wed, 01 Nov 2023 10:37:43 GMT
server: AmazonS3
x-timer: S1699520263.291506,VS0,VE0
etag: "1fd886ab4677cd6bbeae306723209e4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6418

GET
H2 200 print.css
assets.guim.co.uk/static/frontend/css/ 81 B
392 B 22ms
12ms Stylesheet
text/css 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/css/print.css

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: EqG9GQgiGkuExtZ741NjJAINLNuc8Nue
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: PHBMS5YXFBPTGQQ8
age: 1999138
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/css/print.css
fastly-restarts: 1
x-amz-id-2: UNO7UyXHy8KhC6ghHWduAkdEbQPubrotbxRWC9mSeHSKchcA06bn7AjoJMbsnvWZfElg81YfoEw=
x-served-by: cache-fra-etou8220102-FRA
content-length: 91
last-modified: Thu, 20 Oct 2022 14:59:06 GMT
server: AmazonS3
x-timer: S1699520263.291480,VS0,VE0
etag: "db34472656eebc5c36590124014292c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 20003

GET
H2 200 3775.jpg
i.guim.co.uk/img/media/f88b8b584e0bafc4332248dcce1461e99588455d/0_163_3775_2264/master/ 46 KB
46 KB 66ms
28ms Image
image/avif 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.guim.co.uk/img/media/f88b8b584e0bafc4332248dcce1461e99588455d/0_163_3775_2264/master/3775.jpg?width=620&dpr=1&s=none
Requested by: Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2940ab435effcf0a12a87b38f40f70e6a0f3e394b3a0310d11449a6efaa9aec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: img09-europe-west2
age: 1448332
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2971187 idim=3775x2264 ifmt=jpeg ofsz=47212 odim=620x372 ofmt=avif
fastly-stats: io=1
x-amz-meta-bounds-y: 163
content-length: 47212
x-served-by: cache-lcy-eglc8600069-LCY, cache-fra-etou8220102-FRA
server: AmazonS3
x-timer: S1699520263.329813,VS0,VE2
etag: "7pWE0o4BFAlo3ElLRQykgAZvSAdHQjHr6aTDa1asHuo"
x-amz-meta-bounds-height: 2264
x-amz-meta-bounds-width: 3775
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-meta-aspect-ratio: 5:3
timing-allow-origin: https://www.theguardian.com
x-amz-meta-bounds-x: 0
x-cache-hits: 1, 1

GET
H2 200 Miles_Brignall,_L.png
i.guim.co.uk/img/uploads/2017/12/20/ 3 KB
3 KB 65ms
28ms Image
image/avif 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.guim.co.uk/img/uploads/2017/12/20/Miles_Brignall,_L.png?width=140&dpr=1&s=none
Requested by: Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d60a7857461366f690fbfc2378bdf9ef2b56a88c3e0986b971056d6b5ac192c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 8483213
x-cache: HIT, HIT
fastly-io-info: ifsz=462512 idim=720x600 ifmt=png ofsz=2793 odim=140x117 ofmt=avif
fastly-stats: io=1
content-length: 2793
x-served-by: cache-lcy-eglc8600055-LCY, cache-fra-etou8220102-FRA
server: AmazonS3
x-timer: S1699520263.329822,VS0,VE2
etag: "hGvB4OlQ4ieNqN+H0S4Ex+C40aARa4NBTYBdvVQZZBs"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.theguardian.com
x-cache-hits: 1592, 1

GET
H2 200 GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 15 KB
15 KB 24ms
11ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: tKKp.XjpprpAViNnE3ezgGnqSJ6ReAZm
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 3WERCHSAK180G508
age: 23475467
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: cgaqnAx/ccC6dI7PibQa1mRFEEU9YKGwLmax00VnToNbuEhpBIGz4HJJ5OIljYDskIezr8lM19I=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 15416
last-modified: Fri, 10 Feb 2023 15:45:12 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.311735,VS0,VE0
etag: "5c9af23772b65de0d3f1fb8638c196b4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 15937

GET
H2 200 GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 17 KB
18 KB 24ms
12ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: Msu4H0RN5fNTmFpmsaDu.cipueaXmWBh
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 17VF5DM2TTH9RVSY
age: 23475340
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: v8diY3QO6qgN9f0wiy68dWMugFw5fFeYu+4Z2G6Op8hv3rVXPLlRiXm+hhbTcUJmiNA6lKtLG/o=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 17376
last-modified: Fri, 10 Feb 2023 15:45:11 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.311735,VS0,VE0
etag: "227b6e4f26bef19d8f2815f6097b7b7c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 15940

GET
H2 200 GHGuardianHeadline-Light.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 15 KB
16 KB 30ms
18ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: tM62LOrdLaMKn7SwsykFpyDsGOAwuAG3
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: AW4KVZKF8NDH124C
age: 1409707
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Light.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: mB904M+i36tF2ZVJ/waHBC3ZqKlOIwxn9e7N4nzYbMI+RYGzKFjjgqRF93Bc2DeciXiTKhpsDGw=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 15764
last-modified: Fri, 10 Feb 2023 15:45:10 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.311973,VS0,VE0
etag: "5acde69d26abfad0f3ef938733057577"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 11340

GET
H2 200 GHGuardianHeadline-Medium.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 16 KB
17 KB 23ms
11ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: HHIQ3WeGDwVAN5VSRXOfuICG.s7kCaes
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: SNARZ4P87FRQ5C3J
age: 23475359
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Medium.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: c2uBFBGtenF/y+gfu9RTrgfbydsHTgXjzdrkySPn4hpyyswAPdna8Cs/hy7trx0kpT5pW01eNTs=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 16612
last-modified: Fri, 10 Feb 2023 15:45:10 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.311698,VS0,VE0
etag: "08f5422d28aa5861fac0170cef914db8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 15434

GET
H2 200 GuardianTextEgyptian-RegularItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/ 17 KB
18 KB 23ms
11ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-RegularItalic.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d1da416a71b864e9a36112077810f09dbd481ec020b6112ee80d52d394084a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: pDd52OH9i9PjnnqIjURI43Cp_zy7T1Lh
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: QRD2RP2D5DA2NG4Z
age: 718546
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-textegyptian/noalts-not-hinted/GuardianTextEgyptian-RegularItalic.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: V4eWPNk99F5Ls7d57vcsuSNB547dkpDqQHSBxTjYA0J6bfUReXyyi6cpcW5xESCt/X9/ZdKfTtE=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 17836
last-modified: Fri, 10 Feb 2023 15:45:04 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.311683,VS0,VE0
etag: "56b80ffcda5838d0e6f48aa0afbf42cb"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 75

GET
H2 200 GHGuardianHeadline-MediumItalic.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.theguardian.com/
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: aOcyf0Rw_c_KHyqgDfMRZ62nHs_3ToNn
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 9YT8C8BPYATYCKJ2
age: 1985452
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-MediumItalic.woff2?http3=true
fastly-restarts: 1
x-amz-id-2: JQS8aIH1PXHgSZzlrn66B1Ao/OrgBIZJY8Xk+g/r0XizHF5P3wgwwBLUloEQ0YYQx+j4setW9Ak=
x-served-by: cache-fra-eddf8230024-FRA
content-length: 19052
last-modified: Fri, 10 Feb 2023 15:45:10 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1699520263.332147,VS0,VE0
etag: "f1117595ec5a2cf9f3a9834f42e5fd08"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 13474

GET
H2 200 816.jpg
i.guim.co.uk/img/media/b4c161a8f5bb333855d92c0d800323d6e0a427a9/76_910_816_1569/master/ 32 KB
32 KB 8ms
8ms Image
image/avif 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.guim.co.uk/img/media/b4c161a8f5bb333855d92c0d800323d6e0a427a9/76_910_816_1569/master/816.jpg?width=380&dpr=1&s=none
Requested by: Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30e7f98cd6732424c5f13b251c76a3a6902624325462941583969ba2cc8217d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: img03-europe-west2
age: 1585472
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=265928 idim=816x1569 ifmt=jpeg ofsz=32774 odim=380x731 ofmt=avif
fastly-stats: io=1
x-amz-meta-bounds-y: 910
content-length: 32774
x-served-by: cache-lcy-eglc8600026-LCY, cache-fra-etou8220102-FRA
server: AmazonS3
x-timer: S1699520263.340793,VS0,VE1
etag: "hR11Rt+hUGEf+tsN/iekhXCfkUsFgi/jB1VYnwlAxKs"
x-amz-meta-bounds-height: 1569
x-amz-meta-bounds-width: 816
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: https://www.theguardian.com
x-amz-meta-bounds-x: 76
x-cache-hits: 9, 1

GET
H2 200 1659.web.1f70a3e54e71efe01ee2.js Show response
assets.guim.co.uk/assets/ 839 B
1 KB 8ms
7ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/1659.web.1f70a3e54e71efe01ee2.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7df2a80425f1f1fcbfcfa5f127fe17c548a8fbdc079bcdadcae97f1840b44463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: TXAGwUZy45EwGthWFRS3oEXYltf3yXR0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 6QZAZ9XM4XADASKT
age: 1712427
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/1659.web.1f70a3e54e71efe01ee2.js
fastly-restarts: 1
x-amz-id-2: tEEEO74S5UY/XM3eFVPN1OV9w5TDL4RlrzTA4uhg0VDK3MXADIm1xhqWekE8FUFXcckoZ1TZAhM=
x-served-by: cache-fra-etou8220102-FRA
content-length: 518
last-modified: Fri, 20 Oct 2023 13:15:17 GMT
server: AmazonS3
x-timer: S1699520263.397688,VS0,VE0
etag: "278a9b57f3fc83ee8205fdc3c1a1849a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17947

GET
H2 200 480.web.c06e7950b689def5ec3d.js Show response
assets.guim.co.uk/assets/ 843 B
797 B 9ms
8ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/480.web.c06e7950b689def5ec3d.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a9e922e1bd8eaf0540e82944501086d2a843c5b52b42a83d15f28f10dacc561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 7c7XO.4umQPhCFoQb.AFf8Qa8dwr36qs
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: CGPJP5HSD7RB8QF4
age: 1712408
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/480.web.c06e7950b689def5ec3d.js
fastly-restarts: 1
x-amz-id-2: wSBP522nUSMQXa/1gaz4mnKyA2Pd0FFyLvHGFqFxJYQcJ1d4Y1kay+CI1vu6LLkoMVoiCiIN8laFrvu1iDZwlQ==
x-served-by: cache-fra-etou8220102-FRA
content-length: 524
last-modified: Fri, 20 Oct 2023 13:15:25 GMT
server: AmazonS3
x-timer: S1699520263.398010,VS0,VE0
etag: "fb830fe42565d5dccd68ffab0653e52f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17721

GET
H2 200 9422.web.3cecc01f38dd7790ccd1.js Show response
assets.guim.co.uk/assets/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/9422.web.3cecc01f38dd7790ccd1.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6a3d1aa57f151a682618cb698ae2ec646edbe2b3c6c1bdaafaa4d58272156bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 2ERAm0UhN6AdBt01gvGrDXKj8xRKFdsh
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 1QMTJRZSG848S4V4
age: 1712391
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/9422.web.3cecc01f38dd7790ccd1.js
fastly-restarts: 1
x-amz-id-2: xSYtvWA1ZXJ7kl7KvV13jNpgxd+lIZ1DLdOSMSHc3onnjkDU5c5iNfdtau65Y3yJ+bERHVQPHAXUgpWF3E73XA==
x-served-by: cache-fra-etou8220102-FRA
content-length: 614
last-modified: Fri, 20 Oct 2023 13:15:35 GMT
server: AmazonS3
x-timer: S1699520263.398012,VS0,VE0
etag: "8cefbd21cadb2552c97445b5117319b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17119

GET
H2 200 4591.web.75f044ffc3d11f2dbded.js Show response
assets.guim.co.uk/assets/ 558 B
724 B 8ms
6ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/4591.web.75f044ffc3d11f2dbded.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3bb30804fbe6f0483929507387bfa0bd67e4dcd4d1d38ae70db6e66991910d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 4WdxY1w4qqXScybVnTwwUUfNn2BCLJh0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: K1EQRV9FRQSY9FVN
age: 1712381
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/4591.web.75f044ffc3d11f2dbded.js
fastly-restarts: 1
x-amz-id-2: GRwgkNKHKAxnnD57hCo6T1bKPNRLKtxiIoO551cwqLg5/iuKn8au21XWwgTJx73innHznrWYnTA=
x-served-by: cache-fra-etou8220102-FRA
content-length: 404
last-modified: Fri, 20 Oct 2023 13:15:25 GMT
server: AmazonS3
x-timer: S1699520263.397976,VS0,VE0
etag: "65a41e32931b294e87acd412f5a18b66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17595

GET
H2 200 Metrics-importable.web.a2bbf7b9fb44e77a7217.js Show response
assets.guim.co.uk/assets/ 5 KB
3 KB 8ms
7ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/Metrics-importable.web.a2bbf7b9fb44e77a7217.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

592781778a9a04241b7a873c93f9f4497c6e3eca6a815eeb0ccef4e94ec068bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: iItjKpxjJuA08shSXuG6LBIaEMrrSVIR
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 02PDS20BSVYPSFR1
age: 254129
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/Metrics-importable.web.a2bbf7b9fb44e77a7217.js
fastly-restarts: 1
x-amz-id-2: wQK96aVJ2artFl4DULlccxd+AgvkbQ7qvtI/kKqQLPrcGJbrxZYtXKaRce0kdok9fMezMm4G4yY=
x-served-by: cache-fra-etou8220102-FRA
content-length: 2398
last-modified: Mon, 06 Nov 2023 10:20:06 GMT
server: AmazonS3
x-timer: S1699520263.407566,VS0,VE0
etag: "3217266774f5c9981dcdc0b1031fac7b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2763

GET
H2 200 SetABTests-importable.web.b0b8f348466515f7c745.js Show response
assets.guim.co.uk/assets/ 11 KB
4 KB 9ms
8ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/SetABTests-importable.web.b0b8f348466515f7c745.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b29a95844a36f947c8b52c7bb808d422c6c0b10fea4b17ebc42ef8d575f0f4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: xJqr5yNcGOgyAnSFMQdvsTP5OSKeTJgk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 7H9A0V8Z51ZY5J3A
age: 254096
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/SetABTests-importable.web.b0b8f348466515f7c745.js
fastly-restarts: 1
x-amz-id-2: x9fFuK2qr4WTOACbFEydIQEMVl/QOV3ivghKoWLZL+VkgzAhSwOC+vcWExozS5RyKcsMcqZykHE=
x-served-by: cache-fra-etou8220102-FRA
content-length: 3476
last-modified: Mon, 06 Nov 2023 10:20:07 GMT
server: AmazonS3
x-timer: S1699520263.408000,VS0,VE0
etag: "af48e6d939a5e946ef38a02390fb0ed1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2780

GET
H2 200 SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js Show response
assets.guim.co.uk/assets/ 731 B
791 B 9ms
8ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c2d034f935f7a855ef11c1eb539c155aeb31a7fa59932aec205c9e5f7564d26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: P0JpPO1FptjpeabRYC3VhwVllJ1MnChr
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: FMGPSZ4YRQXDSJ95
age: 253054
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/SetAdTargeting-importable.web.9b12fdbde2c37d2f5cc0.js
fastly-restarts: 1
x-amz-id-2: cdxHmdQplYw31ESjfbw20Ehw4uR0AIT9q3ExhwQ5dRS7VahdvKveeMWNK1tXXap48dZRhtGkUTg=
x-served-by: cache-fra-etou8220102-FRA
content-length: 481
last-modified: Mon, 06 Nov 2023 10:38:07 GMT
server: AmazonS3
x-timer: S1699520263.408000,VS0,VE0
etag: "f69c7585b251d4a9280ec36fdaef0b0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2769

GET
H2 200 4306.web.d771386cbedb956c96f2.js Show response
assets.guim.co.uk/assets/ 23 KB
7 KB 9ms
8ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/4306.web.d771386cbedb956c96f2.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d350fb91d1079280863da5090a4bda0743703cb270499727a98bae6cac2ca9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: GIYMSh64zlJDcXQjSlN83T_8HG0gEJ5n
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: GN3GXBNE020JM1CP
age: 1400941
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/4306.web.d771386cbedb956c96f2.js
fastly-restarts: 1
x-amz-id-2: 8ODpgFxF97nfCCiByW+mNCFao+/PuB0Ryy/bQgI9G+qcpTBNNQNK22HSQ0lGpeqX/wye7pIomoM=
x-served-by: cache-fra-etou8220102-FRA
content-length: 6471
last-modified: Fri, 20 Oct 2023 13:15:24 GMT
server: AmazonS3
x-timer: S1699520263.407972,VS0,VE0
etag: "c20791206400a09eea8e4159dfbe7101"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5582

GET
H2 200 9568.web.ecdf46913f1849c9a95d.js Show response
assets.guim.co.uk/assets/ 17 KB
6 KB 9ms
9ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/9568.web.ecdf46913f1849c9a95d.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e903cb61bc60b8a10cd236bd29af272aa4e224b742bf1a168944da36e8e30880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 1Tk_m2axahVOYTnOnWq5PU26qmloQhtC
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: S0C9XWRJ6XWYGJDF
age: 1712351
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/9568.web.ecdf46913f1849c9a95d.js
fastly-restarts: 1
x-amz-id-2: H+8DvW0QRVWlBE2KeRtQB2VGKWUgKYz1zYuNYb+IrZO1dg71KPkBOT6iSyM5VxJlnh/QxeisPcw=
x-served-by: cache-fra-etou8220102-FRA
content-length: 5371
last-modified: Fri, 20 Oct 2023 13:15:35 GMT
server: AmazonS3
x-timer: S1699520263.408395,VS0,VE0
etag: "b12825d21c0df8e80892971ce3570762"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17754

GET
H2 200 HeaderTopBar-importable.web.d349ee9fc985727b504e.js Show response
assets.guim.co.uk/assets/ 37 KB
11 KB 9ms
9ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/HeaderTopBar-importable.web.d349ee9fc985727b504e.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0b7983748b77fb3f420e91e967648481bdc13e1d6906ca37d9f7f252a8fedd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: hfIJUIgfGn0.JOLppb5LZnzTVTcUVHTF
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: VXKSRKK67VKJF8G8
age: 748891
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/HeaderTopBar-importable.web.d349ee9fc985727b504e.js
fastly-restarts: 1
x-amz-id-2: hvJLOVIheBQGK8Z4tMYuwo7hFv6tkrnwR0bUgk3rmr2+zXzju2HphLa/Sw/UqaXzXxFMyjC1m9pNtoHXjU9l6g==
x-served-by: cache-fra-etou8220102-FRA
content-length: 10979
last-modified: Tue, 31 Oct 2023 16:54:26 GMT
server: AmazonS3
x-timer: S1699520263.408368,VS0,VE0
etag: "0b93dbb5a3e7cf4bbd0e6ddb74a4fbf5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6058

GET
H2 204 1
ophan.theguardian.com/img/ 0
487 B 111ms
28ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/1?v=17&platform=next-gen&url=https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%3Fmwg_rnd%3D8558575&ref=&visibilityState=visible&tz=-60&navigationType=navigate&contentType=article&viewId=loqyhftwo9gc0tkezj7j

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 111ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&inPrivateBrowsingMode=false

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepoint.theguardian.com/unified/ 123 KB
38 KB 19ms
10ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
content-encoding: gzip
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 673
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220102-FRA
last-modified: Thu, 02 Nov 2023 15:08:07 GMT
server: AmazonS3
x-timer: S1699520263.431208,VS0,VE1
etag: W/"74fa9eeecc0f7ce308ddca60b7ef2b93"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: v6ewUGpDX3sBxITywHlBicmYT8O6uGWaUrPBVH8pPCeJTzNfIDaDIA==
x-cache-hits: 0

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 103ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&edition=EUR

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 103ms
30ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&abTestRegister=%7B%22abophanEsmVariant%22%3A%7B%22variantName%22%3A%22variant%22%2C%22complete%22%3Afalse%7D%7D

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 102ms
30ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&experiences=dotcom-rendering

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 gdpr-tcf.29a1390ca5468e08c1ee.bundle.js Show response
sourcepoint.theguardian.com/unified/4.13.4/ 134 KB
24 KB 8ms
8ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/unified/4.13.4/gdpr-tcf.29a1390ca5468e08c1ee.bundle.js

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 582498
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220102-FRA
last-modified: Wed, 18 Oct 2023 19:09:03 GMT
server: AmazonS3
x-timer: S1699520263.481147,VS0,VE2
etag: W/"44467dde87d7b7afea5d9256b34c9523"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qmYPWAbBXFuMl_crZ8Uh8KlU1d0Hdo2MBzRHO3wLOkdnhmRqZM6JPg==
x-cache-hits: 0

GET
H2 200 get_site_data Show response
sourcepoint.theguardian.com/mms/v2/ 207 B
598 B 30ms
29ms XHR
application/javascript 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails&account_id=1257

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 varnish
x-sp-mms-node: ip-10-128-32-217
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 73135
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520263.490366,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: HHCo5y5Bf5dp7SIbKrAKfLTS0getXt86pTOewP6aNIYko9ynYQ1kEQ==
x-cache-hits: 0

GET
H2 200 8085.web.49622c46b177a8386233.js Show response
assets.guim.co.uk/assets/ 7 KB
3 KB 18ms
17ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/8085.web.49622c46b177a8386233.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f6b2b62d2f6d7d86be696b424b6d11d1af29308d934371f9697a8659f27898c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: g7m09P2HNofAztPhk30p9ehp5Vk3YKW4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: AYQYJSPH31BNXQMG
age: 1999154
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/8085.web.49622c46b177a8386233.js
fastly-restarts: 1
x-amz-id-2: x4vCGh4zyRpz6dsWLlGie6xVitCMr+yMpa7Hk5n4bwguXSbOeiY7ZNajhcWspJQwfeRWSO036FI=
x-served-by: cache-fra-etou8220102-FRA
content-length: 2594
last-modified: Thu, 07 Sep 2023 10:22:04 GMT
server: AmazonS3
x-timer: S1699520263.495202,VS0,VE0
etag: "a0d918c4e1d1911813ff92e09ca294f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 19113

GET
H2 200 FocusStyles-importable.web.494ac61b529def96eb8c.js Show response
assets.guim.co.uk/assets/ 1 KB
909 B 18ms
17ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/FocusStyles-importable.web.494ac61b529def96eb8c.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62b838a3e0936f72d25e0ba795bbe56fec047bacf36798562f2d5b2dc56520cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: Zsy6gN7fhIhlZ5U5ZqmpFt0LcelkJXpZ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: Q11NQF1G7Z0MB3YY
age: 1712416
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/FocusStyles-importable.web.494ac61b529def96eb8c.js
fastly-restarts: 1
x-amz-id-2: fXSI8R4PnHUXIbxB4CTTtGCCnpMTLGkzNTr6fV345p8YkrHfEjnOISssZ2BqX0jWfrYBIaFy4cw=
x-served-by: cache-fra-etou8220102-FRA
content-length: 607
last-modified: Fri, 20 Oct 2023 13:15:18 GMT
server: AmazonS3
x-timer: S1699520263.495390,VS0,VE0
etag: "d987baa0cd3dc53340e22651e6055f9c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17067

GET
H2 200 AlreadyVisited-importable.web.a57f8a885fb0cd8e9eac.js Show response
assets.guim.co.uk/assets/ 607 B
877 B 18ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/AlreadyVisited-importable.web.a57f8a885fb0cd8e9eac.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

962d2108569647b15b9e0755abd368a29adcda526fb6b45d4aa5695f695504ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: YPhLZDZeCcyIB6HBQYCcDavzCXbmdRyH
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: DNFW8C7K07EJCY33
age: 1712350
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/AlreadyVisited-importable.web.a57f8a885fb0cd8e9eac.js
fastly-restarts: 1
x-amz-id-2: Kji7dzWMLq999d3ogbOFP7p0R6aO83kIWBuwB++BBeVDceYiO5HiCynR7Q70GW3wDEq1B6Sq9VMxOEehf2Pf0Q==
x-served-by: cache-fra-etou8220102-FRA
content-length: 412
last-modified: Fri, 20 Oct 2023 13:15:37 GMT
server: AmazonS3
x-timer: S1699520263.495547,VS0,VE0
etag: "0d572c563e740b6897e9a0bc086a59fd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17624

GET
H2 200 BrazeMessaging-importable.web.d9fea1292c190c05fcfd.js Show response
assets.guim.co.uk/assets/ 17 KB
6 KB 18ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/BrazeMessaging-importable.web.d9fea1292c190c05fcfd.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c27e2b30dae3bd5c53c041c55e19305ad403339f08f49f5a690639373a395207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: s3IrtRBo7MSzxKw.sSamGhzS0bxJc_.7
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: VXKVZ1FHF67WNN0Z
age: 748890
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/BrazeMessaging-importable.web.d9fea1292c190c05fcfd.js
fastly-restarts: 1
x-amz-id-2: rg3E0NVtEK7iI/SBRBYhlmo8wFX6l4PYMNqF0GJP28ZK9dC+ifyrAlj4GZ8+AOFttMj/f9vKVPA=
x-served-by: cache-fra-etou8220102-FRA
content-length: 5554
last-modified: Tue, 31 Oct 2023 16:54:46 GMT
server: AmazonS3
x-timer: S1699520263.495527,VS0,VE0
etag: "1400ad29b44be3052d61658680511ae8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6057

GET
H2 200 ReaderRevenueDev-importable.web.d67a30977c1e6f627f03.js Show response
assets.guim.co.uk/assets/ 803 B
859 B 18ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/ReaderRevenueDev-importable.web.d67a30977c1e6f627f03.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

249f31b97fc26b058669ae7320b4efb49c8aaa3a2f96011a67da7a31ecf7a98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: oBZ70eiPqsGmqrWcdfnRCWLZnYrfMTQc
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 2HWV69QEVCZT37K6
age: 748882
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/ReaderRevenueDev-importable.web.d67a30977c1e6f627f03.js
fastly-restarts: 1
x-amz-id-2: kn8ydXTbmcOL+WINdyAU629g1tG0t8Xi3yHXcuYM0uef4ov/ADJg99mR2FPK3fwmmXL7zy+m3Wc=
x-served-by: cache-fra-etou8220102-FRA
content-length: 485
last-modified: Tue, 31 Oct 2023 16:54:31 GMT
server: AmazonS3
x-timer: S1699520263.495973,VS0,VE0
etag: "0a57a200e12559dff01bffd27a8a2b95"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6149

GET
H2 200 1149.web.1e7e488914358aa5c665.js Show response
assets.guim.co.uk/assets/ 7 KB
3 KB 19ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/1149.web.1e7e488914358aa5c665.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8d1c2d51cd172a89facc5a9f381cb5ec187ee6be0f75860b738a8dfca56f5f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: e48JNzkUhNRxvnLw7HtBrroykFUK8anQ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: FK4YSAW7MS72S1DS
age: 1712430
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/1149.web.1e7e488914358aa5c665.js
fastly-restarts: 1
x-amz-id-2: JGOW8T+F+D8llnf8sG+Gv9LZlHwwa5ZLzrls4p4B01LApd0znwzBg06Y4d9wrNy7Kqpu0r65g1YTle4qG+PhRQ==
x-served-by: cache-fra-etou8220102-FRA
content-length: 2919
last-modified: Fri, 20 Oct 2023 13:15:16 GMT
server: AmazonS3
x-timer: S1699520263.497456,VS0,VE0
etag: "2f2fe8dc2c365e988c9cbe2039288bcc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 12376

GET
H2 200 SupportTheG-importable.web.4e23b0535f002b7634f9.js Show response
assets.guim.co.uk/assets/ 13 KB
5 KB 20ms
19ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/SupportTheG-importable.web.4e23b0535f002b7634f9.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

54580fbbda221f30b1faede22e8c30fe944b83bd03d2d753780d6245eecf8c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: tH6Qqxbd47RRsj_s825UDnqqEGwXJJgt
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 2HWMC9ASDEZ9PSFZ
age: 748882
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/SupportTheG-importable.web.4e23b0535f002b7634f9.js
fastly-restarts: 1
x-amz-id-2: 35nPVi+Em5om/MdJ0oJnbVPhsxAykNxK0KMfNCaKa51r5zhutY8TT4hiw9xPglBC3A/GEEH+kVU=
x-served-by: cache-fra-etou8220102-FRA
content-length: 5090
last-modified: Tue, 31 Oct 2023 16:54:35 GMT
server: AmazonS3
x-timer: S1699520263.497621,VS0,VE0
etag: "3591998c840af9887b783210ff9db6ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5909

GET
H2 200 SubNav-importable.web.45a8f8447e4b1c93570f.js Show response
assets.guim.co.uk/assets/ 7 KB
3 KB 19ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/SubNav-importable.web.45a8f8447e4b1c93570f.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7fd3e7e40af2f9e73451be33accaaf7916d71ab6fdf242b1c8f31ff0bf80f134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: gfkSrZg4eMVCed5Wqj2fUjM0hjIWa2LC
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 3FGCEJXAG14QN011
age: 1712437
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/SubNav-importable.web.45a8f8447e4b1c93570f.js
fastly-restarts: 1
x-amz-id-2: E+tYmIRgYz0nJnh1j8ARxOh8cTwtVnuKcRAoNMvBdEuEOspQmJAWfLRiN2G46ARRDBt0SfPQc/CpLukP40hT/g==
x-served-by: cache-fra-etou8220102-FRA
content-length: 2363
last-modified: Fri, 20 Oct 2023 13:15:29 GMT
server: AmazonS3
x-timer: S1699520263.497681,VS0,VE0
etag: "c84f5be73bfb433834fba7719e5291de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17046

GET
H2 200 8268.web.b6e2bc6cfe89ed880a14.js Show response
assets.guim.co.uk/assets/ 38 KB
6 KB 20ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/8268.web.b6e2bc6cfe89ed880a14.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b5bd04dbb835fbc17c3d9ee0379f33718271b6b1031f57c31f35b9f07034e5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: YPZIHVmh3wJVJK5OeegyTuNibyUQlVF9
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: VARZNR269KW3TEF8
age: 161162
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/8268.web.b6e2bc6cfe89ed880a14.js
fastly-restarts: 1
x-amz-id-2: 6So236ieVnu7Rs4TRDVbgHgFz3cok4mQ3xorHycY3fx6jXH4U8b4sp3out84W7Q24usKCCx+gK79A6GtAcy9fg==
x-served-by: cache-fra-etou8220102-FRA
content-length: 5633
last-modified: Tue, 07 Nov 2023 12:10:12 GMT
server: AmazonS3
x-timer: S1699520263.498273,VS0,VE0
etag: "bcc3daea79528dcd2495ae2486d37aa5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1712

GET
H2 200 CommentCount-importable.web.afb7e6d85acb031f58f8.js Show response
assets.guim.co.uk/assets/ 7 KB
3 KB 21ms
19ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/CommentCount-importable.web.afb7e6d85acb031f58f8.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36b8e54ccc30b2509d09054b64ad16193d1e7243e69b5a3125c5a8719353b311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: Dm75DntHeyIU4gDZ3pM5yLTK5QGxx5Uu
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: DNFN9KKHBYHEE6Z0
age: 1712350
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/CommentCount-importable.web.afb7e6d85acb031f58f8.js
fastly-restarts: 1
x-amz-id-2: iyPURQYdiMVROvHkS1Zl+6xE6SQzUUViw7R4hNoM+ccaDDACewpfA+YrEYmMB87l+SExDSifybw=
x-served-by: cache-fra-etou8220102-FRA
content-length: 2856
last-modified: Fri, 20 Oct 2023 13:15:16 GMT
server: AmazonS3
x-timer: S1699520263.498282,VS0,VE0
etag: "8ce595ffa1fde65bd99172b108ced231"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5591

GET
H2 200 1294.web.aa408bd427c366ccfc8a.js Show response
assets.guim.co.uk/assets/ 16 KB
6 KB 20ms
18ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/1294.web.aa408bd427c366ccfc8a.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2d40b2088cfcdc50fb6691d40724f54798e96fe0519db736cfda15fa53c0abd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: cKRJp7uE.XH6TEw3k844u_MUp9VU3gR0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: Q7VFJ5NZ3SGN1CS0
age: 1712409
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/1294.web.aa408bd427c366ccfc8a.js
fastly-restarts: 1
x-amz-id-2: Cjs7bWWXxh5CYmI8sFhzpUhdxDzSmswo3teLd+NYlwAgHCNolZu1K8QT5WRluzZtQlO3ttpdFMU=
x-served-by: cache-fra-etou8220102-FRA
content-length: 5368
last-modified: Fri, 20 Oct 2023 13:15:16 GMT
server: AmazonS3
x-timer: S1699520263.498250,VS0,VE0
etag: "93d786caf34f4763c5e9e7f57409c790"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 17978

GET
H2 200 8172.web.5dbc743263ec27335d1c.js Show response
assets.guim.co.uk/assets/ 6 KB
3 KB 21ms
19ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/8172.web.5dbc743263ec27335d1c.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92178eea3a6ec8ca224e9972aaa4e1ebe2a672fdaddd1ac813304304e88672ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: hJz0j8QTgYBZragdkxfqErPymJgom8yF
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 2HWY0JVW061FVBQJ
age: 748882
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/8172.web.5dbc743263ec27335d1c.js
fastly-restarts: 1
x-amz-id-2: UN2SZ+PEEM2nDWrwDtjgAAmYjCIBj86QfT/BDyro7D4Ij9Zd0zgwae36kM5BhGwNj2re40xGQPc=
x-served-by: cache-fra-etou8220102-FRA
content-length: 2535
last-modified: Tue, 31 Oct 2023 16:54:39 GMT
server: AmazonS3
x-timer: S1699520263.498390,VS0,VE0
etag: "13af666590ac0de938defa77df49687b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5999

GET
H2 200 4265.web.d341cb63847ad6cd7955.js Show response
assets.guim.co.uk/assets/ 7 KB
3 KB 24ms
22ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/4265.web.d341cb63847ad6cd7955.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

64c7445bccfde1d32c63511354cfeaf89bfae87e086579f348375b1ddb93b9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: yni6I_mV5IUy2.wJCbIn48T6GWN6fn9E
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 2HWNGJFW86F6GQE0
age: 748882
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/4265.web.d341cb63847ad6cd7955.js
fastly-restarts: 1
x-amz-id-2: tAuA8OihMYiH6zPQCz21mnKh1v2bXkQkk5yMfUkTYffDGaWFtU+m6Y1jusdFmH4lXjdvM7xp9ow=
x-served-by: cache-fra-etou8220102-FRA
content-length: 2797
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: AmazonS3
x-timer: S1699520264.510998,VS0,VE0
etag: "eead41925fd4f00a9b9b132ee83ef714"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 5981

GET
H2 200 StickyBottomBanner-importable.web.356aeb4c9e65c0e39cef.js Show response
assets.guim.co.uk/assets/ 17 KB
6 KB 23ms
22ms Script
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/assets/StickyBottomBanner-importable.web.356aeb4c9e65c0e39cef.js

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

662ef7d26d43d1c26ae647c1bc7a39facfe7779153c77f81644a61b4448978ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: 0l2LgtPEVjcjagJn1Y7AAlXeAtmdZYND
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 2HWGGZNX9FNT3DP2
age: 748882
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/assets/StickyBottomBanner-importable.web.356aeb4c9e65c0e39cef.js
fastly-restarts: 1
x-amz-id-2: ZPc/EAPKsfsr62uhvt5JRg9XNUEhh2C7E1K1aQILgN1a3tuajogTSlqy4TN4mOlv02cD4UZYfss=
x-served-by: cache-fra-etou8220102-FRA
content-length: 5929
last-modified: Tue, 31 Oct 2023 16:54:34 GMT
server: AmazonS3
x-timer: S1699520264.510988,VS0,VE0
etag: "3faacb5405cea54dbc5dc1e90c311cf5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 6059

GET
H2 200 meta-data Show response
sourcepoint.theguardian.com/wrapper/v2/ 227 B
529 B 9ms
8ms XHR
application/json 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.4&scriptType=unified

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e1cdcbba5b8f60d90a0b4df810e5cecf444b253764565e630d19abcfd1b01b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 2856
x-powered-by: Express
x-cache: Hit from cloudfront, MISS
content-length: 227
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.531597,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: Y4ZDCeLp4ARt5-k762TJ7B2dYtRXVMj7XHWjwGwHkOhigWc96pmqaQ==
x-cache-hits: 0

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 31ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&attentionMs=0

Requested by

Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 meta-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 0
0 10ms
8ms Preflight
text/plain 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.13.4&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 64098
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: fAyFj0f5bKopkPKgfBk9MI6BjPUwu1KzHk49MW11FgObbN1XajYxfQ==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.522553,VS0,VE1

GET
H2 200 messages Show response
sourcepoint.theguardian.com/wrapper/v2/ 32 KB
6 KB 29ms
29ms XHR
application/json 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22framework%22%3A%22tcfv2%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theguardian.com%2Fmoney%2F2023%2Foct%2F23%2Fbookingcom-customers-targeted-by-scam-confirmation-emails%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=434797921436947238fda1&scriptVersion=4.13.4&scriptType=unified

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

2800762a37a916c218da5a0af5c3dfe46b5fadeb2ddb155ec4c912f57a86080b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
x-powered-by: Express
x-cache: Miss from cloudfront, MISS
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.565270,VS0,VE21
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: M5BfbNMTU77YvHQbEAmZ4wfOl5pdbWW-Gpy693EwPuzm90XDiMFaZQ==
x-cache-hits: 0

OPTIONS
H2 200 messages
sourcepoint.theguardian.com/wrapper/v2/ Frame 0
0 15ms
15ms Preflight
text/plain 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: iS7fQACKeMRko74FlmQbr-OLb24WL3SA7lHU_c5oRykt77jGvexMoQ==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront, MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.549406,VS0,VE8

GET
H2 200 getCommentCounts Show response
discussion.theguardian.com/discussion-api/ 16 B
308 B 87ms
41ms Fetch
application/json 151.101.1.111
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://discussion.theguardian.com/discussion-api/getCommentCounts?short-urls=%2Fp%2Fp5pcg

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.111 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Jetty(9.4.53.v20231009) /

Resource Hash

39547af8f8924f74c9dacd9f2cdbf17e3c327011732a625f980980cfa5f658ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
age: 0
x-cache: MISS, MISS
content-length: 36
x-served-by: cache-lcy-eglc8600023-LCY, cache-fra-etou8220066-FRA
server: Jetty(9.4.53.v20231009)
x-timer: S1699520264.604272,VS0,VE35
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 29ms
28ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&performance=%7B%22dns%22%3A0%2C%22connection%22%3A15%2C%22firstByte%22%3A28%2C%22lastByte%22%3A21%2C%22domContentLoadedEvent%22%3A193%2C%22loadEvent%22%3A127%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D&renderedComponents=%5B%22nav3%22%2C%22nav2%22%2C%22sub-nav%22%2C%22series%22%2C%22section%22%2C%22meta-byline%22%2C%22footer%22%5D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 29ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 header
contributions.guardianapis.com/ Frame 0
0 43ms
34ms Preflight 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://contributions.guardianapis.com/header
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.theguardian.com
date: Thu, 09 Nov 2023 08:57:43 GMT
vary: Origin, Access-Control-Request-Headers
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.598393,VS0,VE27

POST
H2 200 header Show response
contributions.guardianapis.com/ 988 B
1 KB 40ms
38ms Fetch
application/json 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://contributions.guardianapis.com/header
Requested by: Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: a5fdea6b86757110907bcbe5f0d6f52f94cbec23eed4350cb2f14dd837cf7d1b

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-fra-eddf8230024-FRA
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
x-timer: S1699520264.635536,VS0,VE27
x-powered-by: Express
etag: W/"3dc-7CiGVwjY4wI0fuyD2rP+J+Z/fJg"
vary: Origin, Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theguardian.com
accept-ranges: bytes
content-length: 988
x-cache-hits: 0

OPTIONS
H2 200 pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 0
0 12ms
10ms Preflight
text/html 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=434797921436947238fda1&scriptVersion=4.13.4&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://www.theguardian.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 08:57:43 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: Hb-NJvu97e0ABcvJDUCeiSBbYUKws5aU8Ht3UNpaGOxxHiLYuQ1w8w==
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront, MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.644242,VS0,VE5

POST
H2 200 pv-data Show response
sourcepoint.theguardian.com/wrapper/v2/ 194 B
533 B 37ms
36ms XHR
application/json 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=434797921436947238fda1&scriptVersion=4.13.4&scriptType=unified

Requested by

Host: assets.guim.co.uk
URL: https://assets.guim.co.uk/javascripts/commercial/69ee62b88410e555832a/graun.standalone.commercial.js?http3=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

a38fa27864755c19f4fc7e1c7fb017cdabecc61e5df572a9efed5021299d21ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
x-powered-by: Express
x-cache: Miss from cloudfront, MISS
content-length: 194
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1699520264.667229,VS0,VE19
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theguardian.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: oEzkfbH3QCx2RicaEhHDs-jrBtGw6LN2kEJgvGoNL2ubbrXnIyIosw==
x-cache-hits: 0

GET
H2 200 index.html Show response
sourcepoint.theguardian.com/ Frame 4B0B 5 KB
2 KB 9ms
9ms Document
text/html 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/index.html?message_id=882219&consentUUID=null&requestUUID=5e2b8ecc-5ed9-44ea-b86b-1d9a36bbf4eb&preload_message=true&hasCsp=true&version=v1

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 199
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Thu, 09 Nov 2023 08:57:43 GMT
etag: W/"5bd8512ba573dfffcca16bcba94d75a2"
last-modified: Thu, 02 Nov 2023 15:53:11 GMT
server: AmazonS3
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: -Me95d57kHVcW9XBNs85yhhG6KQMB4IhxyPIIxsNfMbQci9eTkdJMw==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220102-FRA
x-timer: S1699520264.651998,VS0,VE1

GET
H2 200 Notice.3a0d3.css
sourcepoint.theguardian.com/ Frame 4B0B 33 KB
6 KB 8ms
8ms Stylesheet
text/css 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/Notice.3a0d3.css

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=882219&consentUUID=null&requestUUID=5e2b8ecc-5ed9-44ea-b86b-1d9a36bbf4eb&preload_message=true&hasCsp=true&version=v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/index.html?message_id=882219&consentUUID=null&requestUUID=5e2b8ecc-5ed9-44ea-b86b-1d9a36bbf4eb&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
content-encoding: gzip
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 1400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220102-FRA
last-modified: Thu, 02 Nov 2023 15:53:10 GMT
server: AmazonS3
x-timer: S1699520264.664333,VS0,VE1
etag: W/"453680a5f8883be2b15dcb7878e5d351"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: G4YG3zNmGlRfvqoqOJAmd-sOJERwuRoD9T1yiZpksy1c9Z_y1V3DnQ==
x-cache-hits: 0

GET
H2 200 polyfills.d36c5.js Show response
sourcepoint.theguardian.com/ Frame 4B0B 5 KB
2 KB 11ms
10ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/polyfills.d36c5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/index.html?message_id=882219&consentUUID=null&requestUUID=5e2b8ecc-5ed9-44ea-b86b-1d9a36bbf4eb&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
content-encoding: gzip
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 2054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220102-FRA
last-modified: Thu, 02 Nov 2023 15:53:11 GMT
server: AmazonS3
x-timer: S1699520264.664543,VS0,VE3
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: u_uDBHNTGK7CA5w3BeL_zY61DdD8I8Dvrc9OpXaAFLSoJc1Hk5uOsA==
x-cache-hits: 0

GET
H2 200 Notice.cfd37.js Show response
sourcepoint.theguardian.com/ Frame 4B0B 274 KB
72 KB 10ms
10ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/Notice.cfd37.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/index.html?message_id=882219&consentUUID=null&requestUUID=5e2b8ecc-5ed9-44ea-b86b-1d9a36bbf4eb&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
content-encoding: gzip
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA60-P2
age: 2057
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220102-FRA
last-modified: Thu, 02 Nov 2023 15:53:10 GMT
server: AmazonS3
x-timer: S1699520264.664536,VS0,VE3
etag: W/"ab0bfa06558578f0cc888d8945749f5b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: oEsXwpiPdkVsEmwuPG6oEOLCkgW2cNv8yXA70TXgE6MJHVYcm8pHzg==
x-cache-hits: 0

GET
H2 200 Header.js Show response
contributions.guardianapis.com/modules/v3/headers/ 142 KB
37 KB 8ms
7ms Script
application/javascript 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://contributions.guardianapis.com/modules/v3/headers/Header.js
Requested by: Host: www.theguardian.com
URL: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83d518dffb4aab7886ef50301ef92b700c0ba0ca18473e8286bc44d077838506

Request headers

Referer: https://assets.guim.co.uk/assets/index.web.627cd0002c4ebb8f8266.js?http3=true
Origin: https://www.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: iNFbvRPeY5m2MW77JvavL7lWjl2.acPS
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Nov 2023 08:57:43 GMT
x-amz-request-id: F46N94G8ZNAKAW90
age: 194
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-surrogate-control: max-age=300
content-length: 37726
x-amz-id-2: 4eb/q0wg2dMW8pN+/CZbZFoHubS27Walz5Tne8M9gy53noUWdrpbb216/0KSK0bhLK7INVXoh6I=
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Tue, 07 Nov 2023 10:33:16 GMT
server: AmazonS3
x-timer: S1699520264.680816,VS0,VE0
etag: "fd0b330a41094011ff07268fc9eab311"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.theguardian.com
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 8

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 4B0B 1 KB
1 KB 42ms
7ms Fetch
application/json 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=7417

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/Notice.cfd37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

Resource Hash

62e2e96b06762e3255a79e454e914f94101e7bc229b6ce7c0ad24c083f52621a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:35:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1354
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: jEUfpAG4uIKwUhi8NU7Dl6gtzxlzq9Y8WcMZOZJ0jgDepvmoj0jXnQ==

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 29ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE%22%2C%22campaignCode%22%3A%22header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE%22%7D%2C%22action%22%3A%22INSERT%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-09-20_EUROPEHEADER_TEST__EU%22%2C%22variant%22%3A%22V1_EUROPE%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 4B0B 1 KB
1 KB 8ms
8ms Fetch
application/json 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=7417&consentLanguage=en

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/Notice.cfd37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

Resource Hash

62e2e96b06762e3255a79e454e914f94101e7bc229b6ce7c0ad24c083f52621a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:05:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 3154
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: j_3ckYKEwOX3jbiIigK84CRxAUvh-0LOIFA1X_4U0UVNNxdfIAL0kA==

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 29ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&adUnitWasHidden=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 4B0B 464 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4deb8b98e5ce51144ce980707d596608be453de89423be3addfcd9beeaf45086

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GTGuardianTitlepiece-Bold.woff2
interactive.guim.co.uk/fonts/garnett/ Frame 4B0B 26 KB
26 KB 18ms
7ms Font
application/octet-stream 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://interactive.guim.co.uk/fonts/garnett/GTGuardianTitlepiece-Bold.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

edd12e6fa14355f432e7071326eb15fc600f3099ac0485a972cd2a80880c6d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sourcepoint.theguardian.com/
Origin: https://sourcepoint.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 2K3DFA5QEFXJHK48
age: 197809
x-cache: HIT
content-length: 26504
x-amz-id-2: QKE7yu8+QQM9XVFUJ5VIEXiHOviEOrFFDsTEtvvEB1ZlAhf9RZPeQ/FQI2iUiAy0kkeubryZViI=
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Wed, 18 Nov 2020 17:26:07 GMT
server: AmazonS3
x-timer: S1699520264.821972,VS0,VE0
etag: "ec26e97636dac18945f3a7ee4fd87032"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public,max-age=604800
x-amz-meta-creator: Cyberduck
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
x-cache-hits: 1416

GET
H2 200 GuardianTextSansWeb-Regular.woff2
interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/ Frame 4B0B 35 KB
35 KB 18ms
8ms Font
application/octet-stream 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/GuardianTextSansWeb-Regular.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa2ee0bb51dae9640fe999becb0881b75f544a647068a208bcb2fec2146cd7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sourcepoint.theguardian.com/
Origin: https://sourcepoint.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: YAKBYQ1P8KTGK8XQ
age: 209857
x-cache: HIT
content-length: 35868
x-amz-id-2: +Whkeqyfmio9zI1X6TT6Z9VVAOnhvLrJ8UoRhKqh582jn4WANzR3YXDxlr4+KxJd5YO9BxSP0xw=
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Thu, 16 Aug 2018 16:27:39 GMT
server: AmazonS3
x-timer: S1699520264.822206,VS0,VE0
etag: "42edb0793116210cd6ee2fde2debe92f"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: max-age=302400
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
x-cache-hits: 1539

GET
H2 200 GuardianTextSansWeb-Bold.woff2
interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/ Frame 4B0B 39 KB
39 KB 19ms
9ms Font
application/octet-stream 2a04:4e42:400::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/GuardianTextSansWeb-Bold.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98a6ba8081d2c2dd28a5c7b7efa6f80bf1e9ea513d5d77ecca6a699b21f7a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sourcepoint.theguardian.com/
Origin: https://sourcepoint.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 09 Nov 2023 08:57:43 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: Z34WJHHESF1KZNY0
age: 193856
x-cache: HIT
content-length: 39500
x-amz-id-2: HUIj9slKy260dvHNwxUDjYtS0onlffnPWOb6HZ8twmQyTxmTBZlCdNoAIpRCyFWSe79bmLzyeCs=
x-served-by: cache-fra-eddf8230024-FRA
last-modified: Thu, 16 Aug 2018 16:27:39 GMT
server: AmazonS3
x-timer: S1699520264.822666,VS0,VE0
etag: "7b29fbe222ef6f546085ef8cbc69a4e0"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: max-age=302400
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
x-cache-hits: 1312

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 29ms
29ms Image
text/plain 108.128.221.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=loqyhftwo9gc0tkezj7j&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_HEADER%22%2C%22id%22%3A%22header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE%22%2C%22campaignCode%22%3A%22header_support_2023-09-20_EUROPEHEADER_TEST__EU_V1_EUROPE%22%7D%2C%22action%22%3A%22VIEW%22%2C%22abTest%22%3A%7B%22name%22%3A%222023-09-20_EUROPEHEADER_TEST__EU%22%2C%22variant%22%3A%22V1_EUROPE%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.221.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-221-27.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theguardian.com/money/2023/oct/23/bookingcom-customers-targeted-by-scam-confirmation-emails?mwg_rnd=8558575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:57:43 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theguardian.com/	1970-01-20 18:14:56	Name: GU_mvt_id Value: 563841
www.theguardian.com/	1969-12-31 23:59:59	Name: GU_geo_country Value: DE
.theguardian.com/	1970-01-21 00:50:56	Name: bwid Value: idFromPV_Y_DejshKBEyXIXs5_X74fA
.theguardian.com/	1970-01-21 00:50:56	Name: bwid_withoutSameSiteForIncompatibleClients Value: idFromPV_Y_DejshKBEyXIXs5_X74fA
.theguardian.com/	1970-01-21 00:50:56	Name: consentUUID Value: a86c6ae0-5225-4571-81db-acd8b38550c2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: camera, microphone, midi, geolocation. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval' blob: 'unsafe-inline'; frame-src https: data:; style-src https: 'unsafe-inline'; img-src https: data: blob:; media-src https: data: blob:; font-src https: data:; connect-src https: wss: blob:; child-src https: blob:; object-src 'none'; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.guim.co.uk
cdn.privacy-mgmt.com
contributions.guardianapis.com
discussion.theguardian.com
i.guim.co.uk
interactive.guim.co.uk
ophan.theguardian.com
sourcepoint.theguardian.com
www.theguardian.com
108.128.221.27
151.101.1.111
18.66.147.49
2a04:4e42:400::367
2a04:4e42::367
03489467cd73637caad3431e2f186a58045ff1d9080ccf05e36461212d354095
1f6b2b62d2f6d7d86be696b424b6d11d1af29308d934371f9697a8659f27898c
249f31b97fc26b058669ae7320b4efb49c8aaa3a2f96011a67da7a31ecf7a98b
2800762a37a916c218da5a0af5c3dfe46b5fadeb2ddb155ec4c912f57a86080b
2d40b2088cfcdc50fb6691d40724f54798e96fe0519db736cfda15fa53c0abd7
30e7f98cd6732424c5f13b251c76a3a6902624325462941583969ba2cc8217d5
36b8e54ccc30b2509d09054b64ad16193d1e7243e69b5a3125c5a8719353b311
39547af8f8924f74c9dacd9f2cdbf17e3c327011732a625f980980cfa5f658ae
3bb30804fbe6f0483929507387bfa0bd67e4dcd4d1d38ae70db6e66991910d8b
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
4af743c6ec755069d2de803a88471ed2fdd40547e48f3acc09e928e901842abb
4deb8b98e5ce51144ce980707d596608be453de89423be3addfcd9beeaf45086
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
54580fbbda221f30b1faede22e8c30fe944b83bd03d2d753780d6245eecf8c1c
592781778a9a04241b7a873c93f9f4497c6e3eca6a815eeb0ccef4e94ec068bf
5a9e922e1bd8eaf0540e82944501086d2a843c5b52b42a83d15f28f10dacc561
62b838a3e0936f72d25e0ba795bbe56fec047bacf36798562f2d5b2dc56520cb
62e2e96b06762e3255a79e454e914f94101e7bc229b6ce7c0ad24c083f52621a
64c3b6c779226890870808c84f571661a8b4d076589ddc9ffe8d8a3bb7c97701
64c7445bccfde1d32c63511354cfeaf89bfae87e086579f348375b1ddb93b9c5
662ef7d26d43d1c26ae647c1bc7a39facfe7779153c77f81644a61b4448978ea
6a3d1aa57f151a682618cb698ae2ec646edbe2b3c6c1bdaafaa4d58272156bcf
6e1a201b0eeea0b37a24ac4842f014e31738ace451ee18f7ca78d27e798ad0aa
7df2a80425f1f1fcbfcfa5f127fe17c548a8fbdc079bcdadcae97f1840b44463
7fd3e7e40af2f9e73451be33accaaf7916d71ab6fdf242b1c8f31ff0bf80f134
83d518dffb4aab7886ef50301ef92b700c0ba0ca18473e8286bc44d077838506
87e9036ce8b1ba1645d519285aaf31491d87a3e16273835fe134aa38993d6f6b
8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be
8d1c2d51cd172a89facc5a9f381cb5ec187ee6be0f75860b738a8dfca56f5f7c
92178eea3a6ec8ca224e9972aaa4e1ebe2a672fdaddd1ac813304304e88672ec
94fe0d2285c389753c3edb6b831060fb9ad11e0901eec47217cff7f281cc037b
962d2108569647b15b9e0755abd368a29adcda526fb6b45d4aa5695f695504ff
98a6ba8081d2c2dd28a5c7b7efa6f80bf1e9ea513d5d77ecca6a699b21f7a2b0
a146658c96b87556d722e61e961bbe814f135ddf0b3d352d500d71fb39035595
a38fa27864755c19f4fc7e1c7fb017cdabecc61e5df572a9efed5021299d21ab
a598b602a4d6e69b5a7d58f399bccbc9c1b78e778b21d3807a3524a998dedd4f
a5fdea6b86757110907bcbe5f0d6f52f94cbec23eed4350cb2f14dd837cf7d1b
b2940ab435effcf0a12a87b38f40f70e6a0f3e394b3a0310d11449a6efaa9aec
b29a95844a36f947c8b52c7bb808d422c6c0b10fea4b17ebc42ef8d575f0f4bf
b5bd04dbb835fbc17c3d9ee0379f33718271b6b1031f57c31f35b9f07034e5b2
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
c1ea16238eb84736874d79a7c0878e8702d5fb329a6d9cf0c0caaef9d5fbdb48
c27e2b30dae3bd5c53c041c55e19305ad403339f08f49f5a690639373a395207
c2d034f935f7a855ef11c1eb539c155aeb31a7fa59932aec205c9e5f7564d26b
c6e5394b9de93e3a0227fd8529e2f3c64d9f3c60813ec9dc41adefa6fb0a9180
ca7c678c52860dfd12bb6cd288c8dd518bef87d9f6418c48f7ecfd4247157091
d0b7983748b77fb3f420e91e967648481bdc13e1d6906ca37d9f7f252a8fedd0
d1da416a71b864e9a36112077810f09dbd481ec020b6112ee80d52d394084a00
d350fb91d1079280863da5090a4bda0743703cb270499727a98bae6cac2ca9b5
d60a7857461366f690fbfc2378bdf9ef2b56a88c3e0986b971056d6b5ac192c5
da22a2e4326e5cc0595a7e7cb5ebd68492896f1660e1ee116e3af32ad6aeccce
e1cdcbba5b8f60d90a0b4df810e5cecf444b253764565e630d19abcfd1b01b17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e461ec99a1d40286ccdb0e737880e244c8e6dbb509f2a62e117a74e8a2c03065
e903cb61bc60b8a10cd236bd29af272aa4e224b742bf1a168944da36e8e30880
edd12e6fa14355f432e7071326eb15fc600f3099ac0485a972cd2a80880c6d49
eea296e536a1715e87caf24fed8cb88981ef793ba1aca8097087a3a77a6f8492
fa2ee0bb51dae9640fe999becb0881b75f544a647068a208bcb2fec2146cd7d1
fa364c5f0844c7c1fe4c96d14495d45d65c07b2a635b44800382e266e1a67d2e

www.theguardian.com Open in urlscan Pro 2a04:4e42::367 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

40 %IPv6

4 Domains

9 Subdomains

6 IPs

2 Countries

931 kBTransfer

2036 kBSize

5 Cookies

24 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theguardian.com Open in urlscan Pro
2a04:4e42::367 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

9
Subdomains

6
IPs

2
Countries

931 kB
Transfer

2036 kB
Size

5
Cookies

78 HTTP transactions
1 data transactions