themortgageworks.co.uk Open in urlscan Pro
155.131.44.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tmwnews.co.uk/5KD-79W3U-KWQL0P-4DUJQH-0/c.aspx
Effective URL:
https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20New...
Submission: On March 18 via api (March 18th 2021, 3:07:16 pm UTC) from DE

Summary HTTP 53 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 17 domains to perform 53 HTTP transactions. The main IP is 155.131.44.131, located in Swindon, United Kingdom and belongs to Nationwide Building Society, GB. The main domain is themortgageworks.co.uk.
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 11th 2020. Valid for: a year.

This is the only time themortgageworks.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.16.210.86 104.16.210.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	155.131.44.131 155.131.44.131	8698 (Nationwid...) (Nationwide Building Society)
1 4	52.210.171.182 52.210.171.182	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:10c... 2a02:26f0:10c:582::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.42.33 54.171.42.33	16509 (AMAZON-02) (AMAZON-02)
1	52.18.150.20 52.18.150.20	16509 (AMAZON-02) (AMAZON-02)
2 4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2 3	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
53	17

1 104.16.210.86 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tmwnews.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 155.131.44.131 (Swindon, United Kingdom)

ASN8698 (Nationwide Building Society, GB)
PTR: wwww.themortgageworks.co.uk

themortgageworks.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.171.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nationwide.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:582::25ea (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

smetrics.nationwide.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.150.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com

nationwidebuildingso.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	youtube.com www.youtube.com	1 MB
8	themortgageworks.co.uk themortgageworks.co.uk	665 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	34 KB
4	flashtalking.com servedby.flashtalking.com	5 KB
4	demdex.net 1 redirects dpm.demdex.net nationwide.demdex.net	6 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	ytimg.com i.ytimg.com	83 KB
2	ggpht.com yt3.ggpht.com	6 KB
2	google.com www.google.com	18 KB
2	avct.cloud 1 redirects ads.avct.cloud	733 B
2	nationwide.co.uk smetrics.nationwide.co.uk	873 B
1	avocet.io 1 redirects ads.avocet.io	140 B
1	omtrdc.net nationwidebuildingso.tt.omtrdc.net	757 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	licdn.com snap.licdn.com	2 KB
1	tmwnews.co.uk 1 redirects tmwnews.co.uk	613 B
53	17

	Domain	Requested by
18	www.youtube.com	themortgageworks.co.uk www.youtube.com
8	themortgageworks.co.uk	themortgageworks.co.uk
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	servedby.flashtalking.com	themortgageworks.co.uk servedby.flashtalking.com
3	dpm.demdex.net	1 redirects themortgageworks.co.uk
2	www.gstatic.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	www.google.com	www.youtube.com
2	ads.avct.cloud	1 redirects servedby.flashtalking.com
2	static.doubleclick.net	www.youtube.com
2	smetrics.nationwide.co.uk	themortgageworks.co.uk
2	px.ads.linkedin.com	1 redirects themortgageworks.co.uk
2	fonts.gstatic.com	www.youtube.com
1	ads.avocet.io	1 redirects
1	nationwidebuildingso.tt.omtrdc.net	themortgageworks.co.uk
1	cm.everesttech.net	1 redirects
1	nationwide.demdex.net	themortgageworks.co.uk
1	www.linkedin.com	1 redirects
1	snap.licdn.com	themortgageworks.co.uk
1	tmwnews.co.uk	1 redirects
53	21

This site contains links to these domains. Also see Links.

Domain
www.nationwide.co.uk
www.tmwonline.co.uk
wr2.enact.co.uk
secure.radirect.com
case.oneillpatient.co.uk
www.yourconveyancer.co.uk
www.nationwide-jobs.co.uk
www.linkedin.com

Subject Issuer	Validity	Valid
themortgageworks.co.uk DigiCert EV RSA CA G2	`2020-07-11` - `2021-07-05`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
smetrics.nationwide.co.uk DigiCert TLS RSA SHA256 2020 CA1	`2021-01-18` - `2022-01-25`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.avct.cloud R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
Frame ID: 7EF5FC911EB0ECBEC9931C66FBFB3D0C
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
Frame ID: C23749E91D5F7426B3AE422C2D957AA2
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
Frame ID: 766574F8282245BB4C11382E3C2C29D3
Requests: 17 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Frame ID: E1EB18730BCB926AD34C339ACD07C295
Requests: 5 HTTP requests in this frame

Frame: https://nationwide.demdex.net/dest5.html?d_nsid=0
Frame ID: 0EC731E73E031BEAFBF3064D50CD1FFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tmwnews.co.uk/5KD-79W3U-KWQL0P-4DUJQH-0/c.aspx HTTP 302
https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Page Statistics

53
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

21
Subdomains

17
IPs

5
Countries

2222 kB
Transfer

5376 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nationwide.co.uk/about/corporate-information/cookies-and-privacy/cookie-details
Title: More about cookies

Search URL Search Domain Scan URL

URL: https://www.tmwonline.co.uk/
Title: TMW Online

Search URL Search Domain Scan URL

URL: https://wr2.enact.co.uk/WebReports/Login.aspx?ReturnUrl=/webreports/default.aspx
Title: Enact online portal

Search URL Search Domain Scan URL

URL: https://secure.radirect.com/
Title: RA Direct online portal

Search URL Search Domain Scan URL

URL: https://case.oneillpatient.co.uk/(S(bzyp5fs4b0lmt3bpt2wvwe2a))/Login.aspx
Title: O’Neill Patient case tracker

Search URL Search Domain Scan URL

URL: https://www.yourconveyancer.co.uk/user?destination=proactive
Title: Your Conveyancer online portal

Search URL Search Domain Scan URL

URL: http://www.nationwide-jobs.co.uk/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-mortgage-works
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tmwnews.co.uk/5KD-79W3U-KWQL0P-4DUJQH-0/c.aspx HTTP 302
https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1616080017844 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1616080017844

Request Chain 23

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2774522&time=1616080018101&url=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%20Newsletter%20%2721%26%253Fpartnerref%253Dregemail3%3D12218826_March%20Newsletter%20%2721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2774522%26time%3D1616080018101%26url%3Dhttps%253A%252F%252Fthemortgageworks.co.uk%252Fplacing-business%252Fcase-tracking%253Futm_source%253DTMW%2526utm_medium%253Demail%2526utm_campaign%253D12218826_March%2BNewsletter%2B%252721%2526%25253Fpartnerref%25253Dregemail3%253D12218826_March%2BNewsletter%2B%252721%2526dm_i%253D5KD%252C79W3U%252CKWQL0P%252CTHVYB%252C0%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2774522&time=1616080018101&url=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March+Newsletter+%2721%26%253Fpartnerref%253Dregemail3%3D12218826_March+Newsletter+%2721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&liSync=true

Request Chain 26

https://cm.everesttech.net/cm/dd?d_uuid=52429537767591957424058953233369354240 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFNskgAAAFH2_hNg

Request Chain 29

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 31

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 34

https://ads.avocet.io/s?add=5b8fadd1353981c37b67c702&ty=j HTTP 301
https://ads.avct.cloud/s?r=1&add=5b8fadd1353981c37b67c702&ty=j HTTP 302
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8fadd1353981c37b67c702&ty=j

53 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set case-tracking Show response
themortgageworks.co.uk/placing-business/
Redirect Chain

https://tmwnews.co.uk/5KD-79W3U-KWQL0P-4DUJQH-0/c.aspx
https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%...

32 KB
34 KB

385ms
127ms

Document
text/html

155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to

Full URL

https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

437b76e811fdd2a1c1ea1fae9b20236f1106ddb51fd2cb112426d417f01fa4cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src .tt.omtrdc.net dpm.demdex.net metrics.nationwide.co.uk smetrics.nationwide.co.uk 'self' .swiftype.com; font-src data: 'self'; frame-src fast.nationwide.demdex.net nationwide.demdex.net servedby.flashtalking.com 'self' r1.surveysandforms.com *.youtube.com; img-src dpm.demdex.net cm.everesttech.net metrics.nationwide.co.uk smetrics.nationwide.co.uk ads.avocet.io ads.avct.cloud tags.bluekai.com sync.crwdcntrl.net data: ps.eyeota.net px.ads.linkedin.com 'self' www.linkedin.com; object-src 'self'; script-src snap.licdn.com data: 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: themortgageworks.co.uk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=j1530vzwh0w041tgpn0hhe0f; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=3a0193956c59497cb787b40abaca8369|False; domain=Nationwide-intermediary.co.uk; expires=Sun, 16-Mar-2031 15:06:57 GMT; path=/; secure; HttpOnly du=duSD;Path=/;Domain=themortgageworks.co.uk;Expires=Thu, 18-Mar-2021 15:26:57 GMT TS0151dab0=01462af731c07ff35a667bf12e97edc6916071bf0aa4f1fc287cdc7b8d82351c14ecd41136f9bc242388d57fea59b2188a52ff762a2ee39d20c4b34bc0ddcb79c55030be7985c63354ed39536282ad74f51eda0658e51e7ca5e6f4f071f56089db378cda7e; Path=/; Domain=.themortgageworks.co.uk
Content-Security-Policy: default-src 'self'; connect-src *.tt.omtrdc.net dpm.demdex.net metrics.nationwide.co.uk smetrics.nationwide.co.uk 'self' *.swiftype.com; font-src data: 'self'; frame-src fast.nationwide.demdex.net nationwide.demdex.net servedby.flashtalking.com 'self' r1.surveysandforms.com *.youtube.com; img-src dpm.demdex.net cm.everesttech.net metrics.nationwide.co.uk smetrics.nationwide.co.uk ads.avocet.io ads.avct.cloud tags.bluekai.com sync.crwdcntrl.net data: ps.eyeota.net px.ads.linkedin.com 'self' www.linkedin.com; object-src 'self'; script-src snap.licdn.com data: 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
Date: Thu, 18 Mar 2021 15:06:57 GMT
Content-Length: 32847
Strict-Transport-Security: max-age=16070400; includeSubDomains

Redirect headers

date: Thu, 18 Mar 2021 15:06:57 GMT
content-type: text/html; charset=utf-8
content-length: 367
set-cookie: __cfduid=dc5ec251421d6cf742028d8c044ae6a181616080016; expires=Sat, 17-Apr-21 15:06:56 GMT; path=/; domain=.tmwnews.co.uk; HttpOnly; SameSite=Lax
cache-control: private
location: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
x-dm-activity-id: 7ea9372b483244d9a208b08c515895f5
cf-cache-status: DYNAMIC
cf-request-id: 08e7792e4600001d0e513ea000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 631f5e2a08fc1d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK analytics.lib.min.js Show response
themortgageworks.co.uk/assets/js/libs/ 200 KB
201 KB 150ms
56ms Script
application/javascript 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to

Full URL

https://themortgageworks.co.uk/assets/js/libs/analytics.lib.min.js?b=200001010002

Requested by

Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

f63b3005f4b37c04072cd33f727de483c78172e2a22f6f6482d16efff512359d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Mon, 15 Mar 2021 10:39:04 GMT
ETag: "0542b6b8719d71:0"
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public,max-age=604800
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 205130
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK tmw.css
themortgageworks.co.uk/assets/theme/ 131 KB
132 KB 83ms
59ms Stylesheet
text/css 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to

Full URL

https://themortgageworks.co.uk/assets/theme/tmw.css?b=200001010002

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

0cb730361fcdca8931c327d6d7edb61efe8c52e2b1d91c896683895185f928b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Mon, 15 Mar 2021 11:00:30 GMT
ETag: "05baf698a19d71:0"
x-frame-options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public,max-age=604800
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 133984
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK TMW.svg
themortgageworks.co.uk/-/media/TMW/images/ 597 B
1 KB 57ms
56ms Image
image/svg+xml 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themortgageworks.co.uk/-/media/TMW/images/TMW.svg?h=53&la=en&w=52&hash=77F850B1E9E3682F0E223078D1BA1BDB28CFDD40

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

f2b40f0999ce2d8954c5396c45d0e007c99582ff9e2cfc886fee29cbb3f5c12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Tue, 06 Nov 2018 11:14:04 GMT
ETag: ebc80ce578d74f53893428f35c5cf4d4
x-frame-options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: public, no-cache, max-age=604800
Content-Disposition: inline; filename="TMW.svg"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 597
x-xss-protection: 1; mode=block
Expires: Thu, 25 Mar 2021 15:06:57 GMT

GET
H/1.1 200
OK TMW_Standard.svg
themortgageworks.co.uk/-/media/TMW/images/ 7 KB
8 KB 61ms
59ms Image
image/svg+xml 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themortgageworks.co.uk/-/media/TMW/images/TMW_Standard.svg?h=148&la=en&w=300&hash=57BD307982C410EEED7AA5D16A623CE169E9AD03

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

500d5c92554669fe65e3f9933fc6a23078509eba730947ccbe5e3cbf95547fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Wed, 12 Dec 2018 14:05:14 GMT
ETag: f0170bdce47b46388c93397350042d8f
x-frame-options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: public, no-cache, max-age=604800
Content-Disposition: inline; filename="TMW_Standard.svg"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 7250
x-xss-protection: 1; mode=block
Expires: Thu, 25 Mar 2021 15:06:57 GMT

GET
H/1.1 200
OK bundle.js Show response
themortgageworks.co.uk/assets/js/ 221 KB
221 KB 58ms
58ms Script
application/javascript 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to

Full URL

https://themortgageworks.co.uk/assets/js/bundle.js?b=200001010002

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

512fb8aa833ba6ddf4db5ae909cabead33ce1ddeb65e25bf71d1fde617276f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Mon, 15 Mar 2021 11:01:34 GMT
ETag: "0fbd48f8a19d71:0"
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public,max-age=604800
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 225793
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1616080017844
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1616080017844

369 B
1 KB

59ms
58ms

XHR
application/json

52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1616080017844

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c18812758d7398c7b85d7d07ad329fdc52aedc5d332d8c9feb83bdf6f5b98ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0b4addc7b.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: JTS+INQoSsQ=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://themortgageworks.co.uk
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 304
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://themortgageworks.co.uk
X-TID: EsKI9aowRT0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1D4334B852784A2D0A490D44%40AdobeOrg&d_nsid=0&ts=1616080017844
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 _6uFCvS6z8Y Show response
www.youtube.com/embed/ Frame C237 50 KB
21 KB 78ms
53ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e9135225823bc245c7c83fc1394c0564946b5e2e9e3eaaa4b5f57340b1e908c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://themortgageworks.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://themortgageworks.co.uk/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Mar 2021 15:06:57 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=42_M1VHgmiI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Si98w5eR0-I; Domain=.youtube.com; Expires=Tue, 14-Sep-2021 15:06:57 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+200; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omecseGaLCY Show response
www.youtube.com/embed/ Frame 7665 51 KB
22 KB 85ms
60ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fbd2e7d95c5704faed25bdf33b6df1d6e23485a1264c93f886e1a043f47a68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://themortgageworks.co.uk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://themortgageworks.co.uk/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Mar 2021 15:06:57 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=j69YI-Pz7H8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=eZ2ZK718PN4; Domain=.youtube.com; Expires=Tue, 14-Sep-2021 15:06:57 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+258; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK bold.woff
themortgageworks.co.uk/assets/fonts/nbsbold/ 32 KB
33 KB 53ms
52ms Font
application/x-font-woff 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to

Full URL

https://themortgageworks.co.uk/assets/fonts/nbsbold/bold.woff

Requested by

Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/assets/theme/tmw.css?b=200001010002

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

5cfc1d72a6c4c817544222468ad1a2f27ed404481f529f223c05c1c52bb3ba2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://themortgageworks.co.uk
Referer: https://themortgageworks.co.uk/assets/theme/tmw.css?b=200001010002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Mon, 15 Mar 2021 11:00:38 GMT
ETag: "0f746e8a19d71:0"
x-frame-options: SAMEORIGIN
Content-Type: application/x-font-woff
Cache-Control: public,max-age=604800
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 33208
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK light.woff
themortgageworks.co.uk/assets/fonts/nbslight/ 34 KB
35 KB 54ms
53ms Font
application/x-font-woff 155.131.44.131
Nationwide Buildi...

General

Check archive.org

Show headers Download Go to

Full URL

https://themortgageworks.co.uk/assets/fonts/nbslight/light.woff

Requested by

Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/assets/theme/tmw.css?b=200001010002

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

155.131.44.131 Swindon, United Kingdom, ASN8698 (Nationwide Building Society, GB),

Reverse DNS

wwww.themortgageworks.co.uk

Software

Resource Hash

b45cc2fcbc9c7d85cf581260ff9e938d12087a12205f542248b5317bf6a267d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://themortgageworks.co.uk
Referer: https://themortgageworks.co.uk/assets/theme/tmw.css?b=200001010002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:57 GMT
Last-Modified: Mon, 15 Mar 2021 11:00:38 GMT
ETag: "0f746e8a19d71:0"
x-frame-options: SAMEORIGIN
Content-Type: application/x-font-woff
Cache-Control: public,max-age=604800
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 35056
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b90628af4bb48018e953bf72619b2d4c1bc38f0b2943a9bcb3c82c1e1f43f7d

Request headers

Origin: https://themortgageworks.co.uk
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/3519;38862;4530;iframe/ Frame E1EB 3 KB
3 KB 162ms
61ms Document
text/html 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Requested by: Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app29.frk11 /
Resource Hash: e96072a785f0e1071fbfd1328cb8e3dfc07fe18140bf41d16bc97d86ff40818d

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://themortgageworks.co.uk/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://themortgageworks.co.uk/

Response headers

Date: Thu, 18 Mar 2021 15:06:58 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app29.frk11
Pragma: no-cache
X-HW: 1616080018.dop201.sk1.t,1616080018.cds204.sk1.shn,1616080018.dop201.sk1.t,1616080018.cds049.sk1.sc,1616080018.cds049.sk1.p

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 37ms
10ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:06:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=18741
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/223a7479/ Frame C237 341 KB
51 KB 43ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133538
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:20 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/223a7479/www-embed-player.vflset/ Frame C237 161 KB
59 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133460
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59641
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:02:38 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame C237 2 MB
506 KB 53ms
37ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133538
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518129
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:20 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/ Frame C237 8 KB
3 KB 48ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133460
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:02:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C237 15 KB
15 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 588333
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/223a7479/ Frame 7665 341 KB
51 KB 42ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133538
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:20 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/223a7479/www-embed-player.vflset/ Frame 7665 161 KB
58 KB 46ms
30ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133460
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59641
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:02:38 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame 7665 2 MB
506 KB 49ms
33ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133538
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518129
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:20 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/ Frame 7665 8 KB
3 KB 48ms
33ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133460
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:02:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7665 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 588333
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2774522&time=1616080018101&url=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26u...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2774522%26time%3D1616080018101%26url%3Dhttps%253A%252F%252Fthemortgageworks.co.uk...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2774522&time=1616080018101&url=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26u...

0
296 B

242ms
238ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2774522&time=1616080018101&url=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March+Newsletter+%2721%26%253Fpartnerref%253Dregemail3%3D12218826_March+Newsletter+%2721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&liSync=true
Requested by: Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:59 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: zpScDDd4bRYgVIoFvyoAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
content-length: 0
x-li-uuid: ihr5/TZ4bRbQo47bhisAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: CF8410F51A0B4AC1B2BE2C9B277DABDE Ref B: FRAEDGE1520 Ref C: 2021-03-18T15:06:58Z
date: Thu, 18 Mar 2021 15:06:58 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2774522&time=1616080018101&url=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March+Newsletter+%2721%26%253Fpartnerref%253Dregemail3%3D12218826_March+Newsletter+%2721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
nationwide.demdex.net/ Frame 0EC7 7 KB
3 KB 216ms
51ms Document
text/html 52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nationwide.demdex.net/dest5.html?d_nsid=0

Requested by

Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/assets/js/libs/analytics.lib.min.js?b=200001010002

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: nationwide.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://themortgageworks.co.uk/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=52429537767591957424058953233369354240
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://themortgageworks.co.uk/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 10 Mar 2021 16:01:36 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=52429537767591957424058953233369354240;Path=/;Domain=.demdex.net;Expires=Tue, 14-Sep-2021 15:06:58 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: MVVp+ekPT0Y=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
smetrics.nationwide.co.uk/ 48 B
524 B 141ms
48ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.nationwide.co.uk/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=1D4334B852784A2D0A490D44%40AdobeOrg&mid=52458242495082467534060579485063359679&ts=1616080018174

Requested by

Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/assets/js/libs/analytics.lib.min.js?b=200001010002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

5b7c4a4ba3b0fc6690f08997fff8dca8c6bb63b90144b59c03b45d2a0a6abac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7df884dd44-vzj2j
vary: Origin
x-c: main-1434.I637bed.M0-481
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://themortgageworks.co.uk
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YFNskgAAAFH2_hNg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=52429537767591957424058953233369354240
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFNskgAAAFH2_hNg

42 B
915 B

54ms
54ms

Image
image/gif

52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFNskgAAAFH2_hNg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0e7f33662.edge-irl1.demdex.com 5.80.7.20210304103356 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: eN0gQrZXSV8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFNskgAAAFH2_hNg
Date: Thu, 18 Mar 2021 15:06:58 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s78103322132176
smetrics.nationwide.co.uk/b/ss/nationwidelive1/1/JS-2.10.0/ 43 B
349 B 46ms
45ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.nationwide.co.uk/b/ss/nationwidelive1/1/JS-2.10.0/s78103322132176?AQB=1&ndh=1&pf=1&t=18%2F2%2F2021%2016%3A6%3A58%204%20-60&sdid=698E22533C096DE3-29B96F069032A8E9&mid=52458242495082467534060579485063359679&aamlh=6&ce=UTF-8&ns=nationwide&cdp=3&pageName=b2b%3Atmw%3Aplacing%20business%3Acase%20tracking&g=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&c.&page.&category.&nbs_sub_category_1=b2b%3Atmw%3Aplacing%20business&nbs_sub_category_2=b2b%3Atmw%3Aplacing%20business%3Acase%20tracking&primaryCategory=b2b%3Atmw&.category&nbs_environment=live&pageInfo.&nbs_page_responsive_orientation=landscape&nbs_page_responsive_state=xxl&pageName=b2b%3Atmw%3Aplacing%20business%3Acase%20tracking&language=en-GB&.pageInfo&.page&nbs_message_0.&category=notification&text=cookie%20policy%20this%20site%20uses%20cookies%20and%20by%20using%20this%20site%20you%20are%20consenting%20to%20this.%20find%20out%20why%20we%20use%20cookiesand%20how%20to%20manage%20your%20settings.more%20about%20cookies%20accept%20and%20close&cause=cookiepolicy&.nbs_message_0&nbs_version_sc=a%3A2.10.0_v%3A3.3.0_d%3A0.1.41_20190920_001&nbs_query_string=%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&nbs_perf_timing.&nbs_pt_pagename=D%3Dc19&.nbs_perf_timing&nbs_id.&nbs_id_svicookie=D%3Ds_vi&nbs_id_sfidcookie=D%3Ds_fid&nbs_id_aid=D%3Daid&nbs_id_fid=D%3Dfid&nbs_id_mid=D%3Dmid&nbs_id_sdid=D%3Dsdid&.nbs_id&.c&cc=GBP&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1D4334B852784A2D0A490D44%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
x-c: main-1434.I637bed.M0-481
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 19 Mar 2021 15:06:58 GMT
server: jag
xserver: anedge-7df884dd44-c69hr
etag: 3470505413342986240-4621755679078868494
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 17 Mar 2021 15:06:58 GMT

GET
H2 200 json Show response
nationwidebuildingso.tt.omtrdc.net/m2/nationwidebuildingso/mbox/ 96 B
757 B 164ms
59ms XHR
application/json 52.18.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nationwidebuildingso.tt.omtrdc.net/m2/nationwidebuildingso/mbox/json?mbox=nw-global-mbox&mboxSession=b65aa161d7714a068a75209d58a8c79b&mboxPC=&mboxPage=42e2d2c936724001b4b02ebf5c337f1f&mboxRid=09f5ac2e86d64a68a9b01e0be38bbf74&mboxVersion=1.7.1&mboxCount=1&mboxTime=1616083617908&mboxHost=themortgageworks.co.uk&mboxURL=https%3A%2F%2Fthemortgageworks.co.uk%2Fplacing-business%2Fcase-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&at_property=16096ab4-e55d-c3ae-891b-4dbc5794f363&mboxMCSDID=698E22533C096DE3-29B96F069032A8E9&vst.trk=metrics.nationwide.co.uk&vst.trks=smetrics.nationwide.co.uk&mboxMCGVID=52458242495082467534060579485063359679&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/assets/js/libs/analytics.lib.min.js?b=200001010002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 48079255e90bd4ac42d9c8d427fa41184f7b0ca09c5c91e3f788ba3491cfe8b1

Request headers

Referer: https://themortgageworks.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:06:58 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin: https://themortgageworks.co.uk
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: 09f5ac2e86d64a68a9b01e0be38bbf74

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7665
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
298 B

68ms
53ms

XHR
application/json

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4c77bd95fbdc7d21507cdad2005c980bfe48977496c8b0b8db97395f4cc5512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7665 29 B
407 B 32ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 14:56:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 654
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:11:04 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C237
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
921 B

63ms
52ms

XHR
application/json

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21f5d8e0be243d68c657f8995dd08995d6de0bb168860ddb4079df5b7b360c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C237 29 B
87 B 9ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 14:56:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 654
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:11:04 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/modify/vsb;;pixel/ Frame E1EB 42 B
628 B 139ms
74ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/segment/modify/vsb;;pixel/?name=The%20Mortgage%20Works
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app50.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 15:06:58 GMT
Server: prod-xre-app50.frk11
X-HW: 1616080018.dop201.sk1.shc,1616080018.dop201.sk1.t,1616080018.cds045.sk1.sc,1616080018.cds045.sk1.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Type: image/gif
Content-Length: 42

GET
H2

200

s Show response
ads.avct.cloud/ Frame E1EB
Redirect Chain

https://ads.avocet.io/s?add=5b8fadd1353981c37b67c702&ty=j
https://ads.avct.cloud/s?r=1&add=5b8fadd1353981c37b67c702&ty=j
https://ads.avct.cloud/s?bounce=true&r=1&add=5b8fadd1353981c37b67c702&ty=j

0
336 B

52ms
51ms

Script
application/javascript

52.17.151.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.avct.cloud/s?bounce=true&r=1&add=5b8fadd1353981c37b67c702&ty=j
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.151.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
content-type: application/javascript

Redirect headers

location: /s?bounce=true&r=1&add=5b8fadd1353981c37b67c702&ty=j
date: Thu, 18 Mar 2021 15:06:58 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 87
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/6/3519;95828;4530/ Frame E1EB 42 B
355 B 122ms
60ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/spot/6/3519;95828;4530/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app42.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 15:06:58 GMT
Server: prod-xre-app42.frk11
X-HW: 1616080018.dop201.sk1.shc,1616080018.dop201.sk1.t,1616080018.cds201.sk1.sc,1616080018.cds201.sk1.p
Content-Type: image/gif
Cache-Control: no-cache,no-store
Connection: Keep-Alive
Content-Length: 42

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame 7665 97 KB
32 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e876557b18f3103f57f783a5fbcf889c056566f70555ff879105884369c70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133537
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32697
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:21 GMT

GET
H2 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
www.google.com/js/bg/ Frame 7665 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 65038
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:03:00 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame 7665 23 KB
23 KB 53ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0c3cbb514094c98860c6f43d28502541eaa1defe9a6755ba47e538b85a3b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133251
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23645
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:06:07 GMT

GET
DATA 200
OK truncated
/ Frame 7665 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhuW3DPU0nfI_0sgXKi7uxAGB73O0MBAxkAeM88=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7665 3 KB
3 KB 188ms
159ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhuW3DPU0nfI_0sgXKi7uxAGB73O0MBAxkAeM88=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

310d3704665b959a3fade6270a17f78f1f13321c0b3b2e9e7bd5a1cb4274a7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v41"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3084
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:06:58 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/omecseGaLCY/ Frame 7665 41 KB
41 KB 88ms
63ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/omecseGaLCY/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b07c41e5e0d488334b6f7d178e2f396fd3d3c7e9d2b4f74d7c155d57be8413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
server: sffe
etag: "1569937525"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41648
x-xss-protection: 0
expires: Thu, 18 Mar 2021 17:06:58 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame C237 97 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e876557b18f3103f57f783a5fbcf889c056566f70555ff879105884369c70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133537
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32697
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:01:21 GMT

GET
H3-Q050 200 1slcZ_FuP2rEedwYRD9TmrpMcXNUKYaDBx9ROrhk9jg.js Show response
www.google.com/js/th/ Frame C237 33 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1slcZ_FuP2rEedwYRD9TmrpMcXNUKYaDBx9ROrhk9jg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6c95c67f16e3f6ac479dc18443f539aba4c717354298683071f513ab864f638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 106488
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12731
x-xss-protection: 0
expires: Thu, 17 Mar 2022 09:32:10 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/ Frame C237 23 KB
23 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0c3cbb514094c98860c6f43d28502541eaa1defe9a6755ba47e538b85a3b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:06:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 21:56:05 GMT
server: sffe
age: 133251
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23645
x-xss-protection: 0
expires: Thu, 17 Mar 2022 02:06:07 GMT

GET
DATA 200
OK truncated
/ Frame C237 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhuW3DPU0nfI_0sgXKi7uxAGB73O0MBAxkAeM88=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C237 3 KB
3 KB 141ms
141ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhuW3DPU0nfI_0sgXKi7uxAGB73O0MBAxkAeM88=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

310d3704665b959a3fade6270a17f78f1f13321c0b3b2e9e7bd5a1cb4274a7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
server: fife
etag: "v41"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3084
x-xss-protection: 0
expires: Fri, 19 Mar 2021 15:06:58 GMT

GET
H3-Q050 200 maxresdefault.webp
i.ytimg.com/vi_webp/_6uFCvS6z8Y/ Frame C237 41 KB
41 KB 83ms
69ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/_6uFCvS6z8Y/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c385d07a93edc1225ddec1d77758ebc53da1c6e9d6dbbe8746e34c08f5c041ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:58 GMT
x-content-type-options: nosniff
server: sffe
etag: "1569931900"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42158
x-xss-protection: 0
expires: Thu, 18 Mar 2021 17:06:58 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7665 4 KB
2 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:06:59 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C237 4 KB
2 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:06:59 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame E1EB 42 B
474 B 49ms
49ms Image
image/gif 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=4530&d=themortgageworks.co.uk&r=placing-business/case-tracking
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app38.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://servedby.flashtalking.com/container/3519;38862;4530;iframe/?ft_referrer=https%3A//themortgageworks.co.uk/placing-business/case-tracking%3Futm_source%3DTMW%26utm_medium%3Demail%26utm_campaign%3D12218826_March%2520Newsletter%2520%252721%26%253Fpartnerref%253Dregemail3%3D12218826_March%2520Newsletter%2520%252721%26dm_i%3D5KD%2C79W3U%2CKWQL0P%2CTHVYB%2C0&ns=&cb=965614.0015665689
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 15:06:59 GMT
Server: prod-xre-app38.frk11
X-HW: 1616080018.dop201.sk1.shc,1616080018.dop201.sk1.t,1616080019.cds045.sk1.sc,1616080019.cds045.sk1.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Type: image/gif
Content-Length: 42

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 7665 0
38 B 9ms
6ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?KKcWyg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:59 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame C237 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?wN6fMA
Requested by: Host: themortgageworks.co.uk
URL: https://themortgageworks.co.uk/placing-business/case-tracking?utm_source=TMW&utm_medium=email&utm_campaign=12218826_March%20Newsletter%20%2721&%3Fpartnerref%3Dregemail3=12218826_March%20Newsletter%20%2721&dm_i=5KD,79W3U,KWQL0P,THVYB,0
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:06:59 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C237 28 B
315 B 18ms
17ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_6uFCvS6z8Y?rel=0&html5=1&vq=hd720&modestbranding=1
X-YouTube-Client-Version: 1.20210315.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtTaTk4dzVlUjAtSSiR2c2CBg%3D%3D
X-YouTube-Ad-Signals: dt=1616080018292&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C754%2C424&vis=1&wgl=true&ca_type=image&bid=ANyPxKotPjtwwXwYwUnjNBGN5RjQKRB4W4QFilI63gRdxB0ebfOG2hcGfU8eVV55W_c9lu4wBvmeGK01l6ygeRCI0-phwG8Ghw

Response headers

date: Thu, 18 Mar 2021 15:07:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:07:09 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7665 28 B
305 B 18ms
18ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/223a7479/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/omecseGaLCY?rel=0&html5=1&vq=hd720&modestbranding=1
X-YouTube-Client-Version: 1.20210315.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtlWjJaSzcxOFBONCiR2c2CBg%3D%3D
X-YouTube-Ad-Signals: dt=1616080018264&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C754%2C424&vis=1&wgl=true&ca_type=image&bid=ANyPxKp2asFMC2g_1ZOO0CCV1t-GqF2xMCcmKEsTqs2z3uCGYLXbp0sk1-AOdmyv8o9LQepJqMdce2uByEhrVFBRd5KO53n28A

Response headers

date: Thu, 18 Mar 2021 15:07:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:07:09 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 21:13:52	Name: demdex Value: 52429537767591957424058953233369354240
.flashtalking.com/	1970-01-20 10:25:52	Name: flashtalkingad1 Value: "GUID=4825174323DF74\|segment=(vsb)"
.youtube.com/	1970-01-19 21:13:52	Name: VISITOR_INFO1_LIVE Value: eZ2ZK718PN4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: j69YI-Pz7H8
themortgageworks.co.uk/	1970-01-20 10:25:52	Name: AMCV_1D4334B852784A2D0A490D44%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18705%7CMCMID%7C52458242495082467534060579485063359679%7CMCAAMLH-1616684818%7C6%7CMCAAMB-1616684818%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1616087218s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18712%7CvVersion%7C3.3.0
.themortgageworks.co.uk/	1970-01-20 10:28:44	Name: mbox Value: session#b65aa161d7714a068a75209d58a8c79b#1616081879\|PC#b65aa161d7714a068a75209d58a8c79b.37_0#1679324819
.themortgageworks.co.uk/	1969-12-31 23:59:59	Name: s_cc Value: true
.themortgageworks.co.uk/	1970-01-19 16:54:41	Name: du Value: duSD
.themortgageworks.co.uk/	1969-12-31 23:59:59	Name: s_ptc Value: %5B%5BB%5D%5D
.themortgageworks.co.uk/	1970-01-19 16:54:41	Name: gpv_p19 Value: b2b%3Atmw%3Aplacing%20business%3Acase%20tracking
.themortgageworks.co.uk/	1969-12-31 23:59:59	Name: check Value: true
.themortgageworks.co.uk/	1970-01-19 16:54:41	Name: mboxEdgeCluster Value: 37
.themortgageworks.co.uk/	1969-12-31 23:59:59	Name: TS0151dab0 Value: 01462af731c07ff35a667bf12e97edc6916071bf0aa4f1fc287cdc7b8d82351c14ecd41136f9bc242388d57fea59b2188a52ff762a2ee39d20c4b34bc0ddcb79c55030be7985c63354ed39536282ad74f51eda0658e51e7ca5e6f4f071f56089db378cda7e
themortgageworks.co.uk/	1969-12-31 23:59:59	Name: AMCVS_1D4334B852784A2D0A490D44%40AdobeOrg Value: 1
themortgageworks.co.uk/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: j1530vzwh0w041tgpn0hhe0f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src .tt.omtrdc.net dpm.demdex.net metrics.nationwide.co.uk smetrics.nationwide.co.uk 'self' .swiftype.com; font-src data: 'self'; frame-src fast.nationwide.demdex.net nationwide.demdex.net servedby.flashtalking.com 'self' r1.surveysandforms.com *.youtube.com; img-src dpm.demdex.net cm.everesttech.net metrics.nationwide.co.uk smetrics.nationwide.co.uk ads.avocet.io ads.avct.cloud tags.bluekai.com sync.crwdcntrl.net data: ps.eyeota.net px.ads.linkedin.com 'self' www.linkedin.com; object-src 'self'; script-src snap.licdn.com data: 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avct.cloud
ads.avocet.io
cm.everesttech.net
dpm.demdex.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
nationwide.demdex.net
nationwidebuildingso.tt.omtrdc.net
px.ads.linkedin.com
servedby.flashtalking.com
smetrics.nationwide.co.uk
snap.licdn.com
static.doubleclick.net
themortgageworks.co.uk
tmwnews.co.uk
www.google.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
104.16.210.86
15.237.136.106
155.131.44.131
205.185.216.10
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2016
2a02:26f0:10c:582::25ea
52.17.151.21
52.18.150.20
52.210.171.182
54.171.42.33
0b30cd93097a382cdabbcd066d8002c86b4e31011fbd62596f7b2b902bb00dc4
0cb730361fcdca8931c327d6d7edb61efe8c52e2b1d91c896683895185f928b2
0e9135225823bc245c7c83fc1394c0564946b5e2e9e3eaaa4b5f57340b1e908c
1b90628af4bb48018e953bf72619b2d4c1bc38f0b2943a9bcb3c82c1e1f43f7d
21f5d8e0be243d68c657f8995dd08995d6de0bb168860ddb4079df5b7b360c71
22b07c41e5e0d488334b6f7d178e2f396fd3d3c7e9d2b4f74d7c155d57be8413
310d3704665b959a3fade6270a17f78f1f13321c0b3b2e9e7bd5a1cb4274a7bb
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
437b76e811fdd2a1c1ea1fae9b20236f1106ddb51fd2cb112426d417f01fa4cc
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48079255e90bd4ac42d9c8d427fa41184f7b0ca09c5c91e3f788ba3491cfe8b1
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
4fbd2e7d95c5704faed25bdf33b6df1d6e23485a1264c93f886e1a043f47a68e
500d5c92554669fe65e3f9933fc6a23078509eba730947ccbe5e3cbf95547fd1
512fb8aa833ba6ddf4db5ae909cabead33ce1ddeb65e25bf71d1fde617276f49
5b7c4a4ba3b0fc6690f08997fff8dca8c6bb63b90144b59c03b45d2a0a6abac4
5cfc1d72a6c4c817544222468ad1a2f27ed404481f529f223c05c1c52bb3ba2c
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8d0c3cbb514094c98860c6f43d28502541eaa1defe9a6755ba47e538b85a3b4c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b45cc2fcbc9c7d85cf581260ff9e938d12087a12205f542248b5317bf6a267d1
c18812758d7398c7b85d7d07ad329fdc52aedc5d332d8c9feb83bdf6f5b98ede
c385d07a93edc1225ddec1d77758ebc53da1c6e9d6dbbe8746e34c08f5c041ac
d4c77bd95fbdc7d21507cdad2005c980bfe48977496c8b0b8db97395f4cc5512
d6c95c67f16e3f6ac479dc18443f539aba4c717354298683071f513ab864f638
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96072a785f0e1071fbfd1328cb8e3dfc07fe18140bf41d16bc97d86ff40818d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e876557b18f3103f57f783a5fbcf889c056566f70555ff879105884369c70f
f2b40f0999ce2d8954c5396c45d0e007c99582ff9e2cfc886fee29cbb3f5c12d
f59ec302ed00a6311bae7276bff76ffd918ca4cc692fa8109dadb786a241a165
f63b3005f4b37c04072cd33f727de483c78172e2a22f6f6482d16efff512359d

themortgageworks.co.uk Open in urlscan Pro 155.131.44.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

58 %IPv6

17 Domains

21 Subdomains

17 IPs

5 Countries

2222 kBTransfer

5376 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

themortgageworks.co.uk Open in urlscan Pro
155.131.44.131 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

58 %
IPv6

17
Domains

21
Subdomains

17
IPs

5
Countries

2222 kB
Transfer

5376 kB
Size

15
Cookies

53 HTTP transactions
3 data transactions